cvelistv5 - cve-2024-0748

CVE-2024-0748 (GCVE-0-2024-0748)

Vulnerability from cvelistv5 – Published: 2024-01-23 13:48 – Updated: 2025-06-11 15:15

Summary

A compromised content process could have updated the document URI. This could have allowed an attacker to set an arbitrary URI in the address bar or history. This vulnerability affects Firefox < 122.

Severity ?

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

CWE

Compromised content process could modify document URI

Assigner

mozilla

References

URL

Tags

	https://bugzilla.mozilla.org/show_bug.cgi?id=1783504
	https://www.mozilla.org/security/advisories/mfsa2…

Impacted products

	Vendor	Product	Version
	Mozilla	Firefox	Affected: unspecified , < 122 (custom)

Credits

Young Min Kim

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T18:18:18.507Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1783504"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.mozilla.org/security/advisories/mfsa2024-01/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 4.3,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "LOW",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-0748",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-11T15:14:05.490123Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-11T15:15:11.112Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Firefox",
          "vendor": "Mozilla",
          "versions": [
            {
              "lessThan": "122",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Young Min Kim"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A compromised content process could have updated the document URI. This could have allowed an attacker to set an arbitrary URI in the address bar or history. This vulnerability affects Firefox \u003c 122."
            }
          ],
          "value": "A compromised content process could have updated the document URI. This could have allowed an attacker to set an arbitrary URI in the address bar or history. This vulnerability affects Firefox \u003c 122."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Compromised content process could modify document URI",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-23T13:48:21.814Z",
        "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
        "shortName": "mozilla"
      },
      "references": [
        {
          "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1783504"
        },
        {
          "url": "https://www.mozilla.org/security/advisories/mfsa2024-01/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
    "assignerShortName": "mozilla",
    "cveId": "CVE-2024-0748",
    "datePublished": "2024-01-23T13:48:21.814Z",
    "dateReserved": "2024-01-19T16:52:25.721Z",
    "dateUpdated": "2025-06-11T15:15:11.112Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"122.0\", \"matchCriteriaId\": \"EEF7698D-52B1-4E62-8ADD-782A4BC59AD8\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A compromised content process could have updated the document URI. This could have allowed an attacker to set an arbitrary URI in the address bar or history. This vulnerability affects Firefox \u003c 122.\"}, {\"lang\": \"es\", \"value\": \"Un proceso de contenido comprometido podr\\u00eda haber actualizado el URI del documento. Esto podr\\u00eda haber permitido a un atacante establecer un URI arbitrario en la barra de direcciones o en el historial. Esta vulnerabilidad afecta a Firefox \u0026lt; 122.\"}]",
      "id": "CVE-2024-0748",
      "lastModified": "2024-11-21T08:47:16.760",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N\", \"baseScore\": 4.3, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 1.4}]}",
      "published": "2024-01-23T14:15:38.507",
      "references": "[{\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=1783504\", \"source\": \"security@mozilla.org\", \"tags\": [\"Issue Tracking\", \"Permissions Required\"]}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2024-01/\", \"source\": \"security@mozilla.org\", \"tags\": [\"Release Notes\", \"Vendor Advisory\"]}, {\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=1783504\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Permissions Required\"]}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2024-01/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\", \"Vendor Advisory\"]}]",
      "sourceIdentifier": "security@mozilla.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-0748\",\"sourceIdentifier\":\"security@mozilla.org\",\"published\":\"2024-01-23T14:15:38.507\",\"lastModified\":\"2025-06-11T16:15:23.200\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A compromised content process could have updated the document URI. This could have allowed an attacker to set an arbitrary URI in the address bar or history. This vulnerability affects Firefox \u003c 122.\"},{\"lang\":\"es\",\"value\":\"Un proceso de contenido comprometido podr\u00eda haber actualizado el URI del documento. Esto podr\u00eda haber permitido a un atacante establecer un URI arbitrario en la barra de direcciones o en el historial. Esta vulnerabilidad afecta a Firefox \u0026lt; 122.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N\",\"baseScore\":4.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":1.4},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N\",\"baseScore\":4.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"122.0\",\"matchCriteriaId\":\"EEF7698D-52B1-4E62-8ADD-782A4BC59AD8\"}]}]}],\"references\":[{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=1783504\",\"source\":\"security@mozilla.org\",\"tags\":[\"Issue Tracking\",\"Permissions Required\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2024-01/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=1783504\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Permissions Required\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2024-01/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=1783504\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2024-01/\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T18:18:18.507Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 4.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-0748\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-06-11T15:14:05.490123Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"description\": \"CWE-noinfo Not enough information\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-06-11T15:14:48.380Z\"}}], \"cna\": {\"credits\": [{\"lang\": \"en\", \"value\": \"Young Min Kim\"}], \"affected\": [{\"vendor\": \"Mozilla\", \"product\": \"Firefox\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"122\", \"versionType\": \"custom\"}]}], \"references\": [{\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=1783504\"}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2024-01/\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A compromised content process could have updated the document URI. This could have allowed an attacker to set an arbitrary URI in the address bar or history. This vulnerability affects Firefox \u003c 122.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"A compromised content process could have updated the document URI. This could have allowed an attacker to set an arbitrary URI in the address bar or history. This vulnerability affects Firefox \u003c 122.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"Compromised content process could modify document URI\"}]}], \"providerMetadata\": {\"orgId\": \"f16b083a-5664-49f3-a51e-8d479e5ed7fe\", \"shortName\": \"mozilla\", \"dateUpdated\": \"2024-01-23T13:48:21.814Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-0748\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-06-11T15:15:11.112Z\", \"dateReserved\": \"2024-01-19T16:52:25.721Z\", \"assignerOrgId\": \"f16b083a-5664-49f3-a51e-8d479e5ed7fe\", \"datePublished\": \"2024-01-23T13:48:21.814Z\", \"assignerShortName\": \"mozilla\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

CERTFR-2024-AVI-0063

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits Mozilla. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Mozilla	Firefox ESR	Firefox ESR versions antérieures à 115.7
Mozilla	Firefox	Firefox versions antérieures à 122
Mozilla	Thunderbird	Thunderbird versions antérieures à 115.7

References

Title

Publication Time

Tags

Bulletin de sécurité Mozilla mfsa2024-01 du 23 janvier 2024	None	vendor-advisory
Bulletin de sécurité Mozilla mfsa2024-04 du 23 janvier 2024	None	vendor-advisory
Bulletin de sécurité Mozilla mfsa2024-02 du 23 janvier 2024	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Firefox ESR versions ant\u00e9rieures \u00e0 115.7",
      "product": {
        "name": "Firefox ESR",
        "vendor": {
          "name": "Mozilla",
          "scada": false
        }
      }
    },
    {
      "description": "Firefox versions ant\u00e9rieures \u00e0 122",
      "product": {
        "name": "Firefox",
        "vendor": {
          "name": "Mozilla",
          "scada": false
        }
      }
    },
    {
      "description": "Thunderbird versions ant\u00e9rieures \u00e0 115.7",
      "product": {
        "name": "Thunderbird",
        "vendor": {
          "name": "Mozilla",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2024-0745",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0745"
    },
    {
      "name": "CVE-2024-0744",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0744"
    },
    {
      "name": "CVE-2024-0749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0749"
    },
    {
      "name": "CVE-2024-0750",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0750"
    },
    {
      "name": "CVE-2024-0751",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0751"
    },
    {
      "name": "CVE-2024-0741",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0741"
    },
    {
      "name": "CVE-2024-0743",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0743"
    },
    {
      "name": "CVE-2024-0755",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0755"
    },
    {
      "name": "CVE-2024-0752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0752"
    },
    {
      "name": "CVE-2024-0747",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0747"
    },
    {
      "name": "CVE-2024-0754",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0754"
    },
    {
      "name": "CVE-2024-0753",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0753"
    },
    {
      "name": "CVE-2024-0748",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0748"
    },
    {
      "name": "CVE-2024-0746",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0746"
    },
    {
      "name": "CVE-2024-0742",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0742"
    }
  ],
  "links": [],
  "reference": "CERTFR-2024-AVI-0063",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-01-24T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits Mozilla\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service \u00e0 distance et un contournement de la\npolitique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Mozilla",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2024-01 du 23 janvier 2024",
      "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-01/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2024-04 du 23 janvier 2024",
      "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-04/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2024-02 du 23 janvier 2024",
      "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-02/"
    }
  ]
}

CERTFR-2024-AVI-0063

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Mozilla	Firefox ESR	Firefox ESR versions antérieures à 115.7
Mozilla	Firefox	Firefox versions antérieures à 122
Mozilla	Thunderbird	Thunderbird versions antérieures à 115.7

References

Title

Publication Time

Tags

Bulletin de sécurité Mozilla mfsa2024-01 du 23 janvier 2024	None	vendor-advisory
Bulletin de sécurité Mozilla mfsa2024-04 du 23 janvier 2024	None	vendor-advisory
Bulletin de sécurité Mozilla mfsa2024-02 du 23 janvier 2024	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Firefox ESR versions ant\u00e9rieures \u00e0 115.7",
      "product": {
        "name": "Firefox ESR",
        "vendor": {
          "name": "Mozilla",
          "scada": false
        }
      }
    },
    {
      "description": "Firefox versions ant\u00e9rieures \u00e0 122",
      "product": {
        "name": "Firefox",
        "vendor": {
          "name": "Mozilla",
          "scada": false
        }
      }
    },
    {
      "description": "Thunderbird versions ant\u00e9rieures \u00e0 115.7",
      "product": {
        "name": "Thunderbird",
        "vendor": {
          "name": "Mozilla",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2024-0745",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0745"
    },
    {
      "name": "CVE-2024-0744",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0744"
    },
    {
      "name": "CVE-2024-0749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0749"
    },
    {
      "name": "CVE-2024-0750",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0750"
    },
    {
      "name": "CVE-2024-0751",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0751"
    },
    {
      "name": "CVE-2024-0741",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0741"
    },
    {
      "name": "CVE-2024-0743",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0743"
    },
    {
      "name": "CVE-2024-0755",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0755"
    },
    {
      "name": "CVE-2024-0752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0752"
    },
    {
      "name": "CVE-2024-0747",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0747"
    },
    {
      "name": "CVE-2024-0754",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0754"
    },
    {
      "name": "CVE-2024-0753",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0753"
    },
    {
      "name": "CVE-2024-0748",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0748"
    },
    {
      "name": "CVE-2024-0746",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0746"
    },
    {
      "name": "CVE-2024-0742",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0742"
    }
  ],
  "links": [],
  "reference": "CERTFR-2024-AVI-0063",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-01-24T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits Mozilla\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service \u00e0 distance et un contournement de la\npolitique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Mozilla",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2024-01 du 23 janvier 2024",
      "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-01/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2024-04 du 23 janvier 2024",
      "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-04/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2024-02 du 23 janvier 2024",
      "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-02/"
    }
  ]
}

GSD-2024-0748

Vulnerability from gsd - Updated: 2024-01-20 06:02

Details

A compromised content process could have updated the document URI. This could have allowed an attacker to set an arbitrary URI in the address bar or history. This vulnerability affects Firefox < 122.

Aliases

CVE-2024-0748

JSON

To clipboard

{
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2024-0748"
      ],
      "details": "A compromised content process could have updated the document URI. This could have allowed an attacker to set an arbitrary URI in the address bar or history. This vulnerability affects Firefox \u003c 122.",
      "id": "GSD-2024-0748",
      "modified": "2024-01-20T06:02:15.815494Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@mozilla.org",
        "ID": "CVE-2024-0748",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Firefox",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_name": "unspecified",
                          "version_value": "122"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Mozilla"
            }
          ]
        }
      },
      "credits": [
        {
          "lang": "en",
          "value": "Young Min Kim"
        }
      ],
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A compromised content process could have updated the document URI. This could have allowed an attacker to set an arbitrary URI in the address bar or history. This vulnerability affects Firefox \u003c 122."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Compromised content process could modify document URI"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1783504",
            "refsource": "MISC",
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1783504"
          },
          {
            "name": "https://www.mozilla.org/security/advisories/mfsa2024-01/",
            "refsource": "MISC",
            "url": "https://www.mozilla.org/security/advisories/mfsa2024-01/"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "configurations": [
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "EEF7698D-52B1-4E62-8ADD-782A4BC59AD8",
                    "versionEndExcluding": "122.0",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          }
        ],
        "descriptions": [
          {
            "lang": "en",
            "value": "A compromised content process could have updated the document URI. This could have allowed an attacker to set an arbitrary URI in the address bar or history. This vulnerability affects Firefox \u003c 122."
          },
          {
            "lang": "es",
            "value": "Un proceso de contenido comprometido podr\u00eda haber actualizado el URI del documento. Esto podr\u00eda haber permitido a un atacante establecer un URI arbitrario en la barra de direcciones o en el historial. Esta vulnerabilidad afecta a Firefox \u0026lt; 122."
          }
        ],
        "id": "CVE-2024-0748",
        "lastModified": "2024-01-30T16:21:36.890",
        "metrics": {
          "cvssMetricV31": [
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              "exploitabilityScore": 2.8,
              "impactScore": 1.4,
              "source": "nvd@nist.gov",
              "type": "Primary"
            }
          ]
        },
        "published": "2024-01-23T14:15:38.507",
        "references": [
          {
            "source": "security@mozilla.org",
            "tags": [
              "Issue Tracking",
              "Permissions Required"
            ],
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1783504"
          },
          {
            "source": "security@mozilla.org",
            "tags": [
              "Release Notes",
              "Vendor Advisory"
            ],
            "url": "https://www.mozilla.org/security/advisories/mfsa2024-01/"
          }
        ],
        "sourceIdentifier": "security@mozilla.org",
        "vulnStatus": "Analyzed",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "NVD-CWE-noinfo"
              }
            ],
            "source": "nvd@nist.gov",
            "type": "Primary"
          }
        ]
      }
    }
  }
}

WID-SEC-W-2024-0185

Vulnerability from csaf_certbund - Published: 2024-01-23 23:00 - Updated: 2024-12-15 23:00

Summary

Mozilla Firefox: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Firefox ist ein Open Source Web Browser. Firefox ist ein Open Source Web Browser. ESR ist die Variante mit verlängertem Support. Thunderbird ist ein Open Source E-Mail Client.

Angriff

Ein entfernter anonymer Angreifer kann mehrere Schwachstellen in Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen Phishing-Angriff durchzuführen.

Betroffene Betriebssysteme

- Linux - MacOS X - Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Firefox ist ein Open Source Web Browser.\r\nFirefox ist ein Open Source Web Browser. \r\nESR ist die Variante mit verl\u00e4ngertem Support.\r\nThunderbird ist ein Open Source E-Mail Client.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter anonymer Angreifer kann mehrere Schwachstellen in Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen Phishing-Angriff durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- MacOS X\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-0185 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0185.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-0185 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0185"
      },
      {
        "category": "external",
        "summary": "Mozilla Foundation Security Advisory vom 2024-01-23",
        "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-01/"
      },
      {
        "category": "external",
        "summary": "Mozilla Foundation Security Advisory vom 2024-01-23",
        "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-02/"
      },
      {
        "category": "external",
        "summary": "Mozilla Foundation Security Advisory vom 2024-01-23",
        "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-04/"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-5606 vom 2024-01-24",
        "url": "https://lists.debian.org/debian-security-announce/2024/msg00013.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-5605 vom 2024-01-24",
        "url": "https://lists.debian.org/debian-security-announce/2024/msg00012.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:0211-1 vom 2024-01-24",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-January/017748.html"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2024-C8C2A52FB8 vom 2024-01-24",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-c8c2a52fb8"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2024-278A776610 vom 2024-01-24",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-278a776610"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-3720 vom 2024-01-25",
        "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00015.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:0229-1 vom 2024-01-25",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-January/017757.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:0228-1 vom 2024-01-25",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-January/017758.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:0242-1 vom 2024-01-26",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-January/017761.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6610-1 vom 2024-01-29",
        "url": "https://ubuntu.com/security/notices/USN-6610-1"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0559 vom 2024-01-30",
        "url": "https://access.redhat.com/errata/RHSA-2024:0559"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0605 vom 2024-01-30",
        "url": "https://access.redhat.com/errata/RHSA-2024:0605"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0601 vom 2024-01-30",
        "url": "https://access.redhat.com/errata/RHSA-2024:0601"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0608 vom 2024-01-30",
        "url": "https://access.redhat.com/errata/RHSA-2024:0608"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-0603 vom 2024-01-31",
        "url": "https://linux.oracle.com/errata/ELSA-2024-0603.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0616 vom 2024-01-30",
        "url": "https://access.redhat.com/errata/RHSA-2024:0616"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0619 vom 2024-01-30",
        "url": "https://access.redhat.com/errata/RHSA-2024:0619"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-0601 vom 2024-01-31",
        "url": "https://linux.oracle.com/errata/ELSA-2024-0601.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0602 vom 2024-01-30",
        "url": "https://access.redhat.com/errata/RHSA-2024:0602"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0609 vom 2024-01-30",
        "url": "https://access.redhat.com/errata/RHSA-2024:0609"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0603 vom 2024-01-30",
        "url": "https://access.redhat.com/errata/RHSA-2024:0603"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0596 vom 2024-01-30",
        "url": "https://access.redhat.com/errata/RHSA-2024:0596"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0622 vom 2024-01-30",
        "url": "https://access.redhat.com/errata/RHSA-2024:0622"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0618 vom 2024-01-30",
        "url": "https://access.redhat.com/errata/RHSA-2024:0618"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0598 vom 2024-01-30",
        "url": "https://access.redhat.com/errata/RHSA-2024:0598"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0615 vom 2024-01-30",
        "url": "https://access.redhat.com/errata/RHSA-2024:0615"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0600 vom 2024-01-30",
        "url": "https://access.redhat.com/errata/RHSA-2024:0600"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0604 vom 2024-01-30",
        "url": "https://access.redhat.com/errata/RHSA-2024:0604"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0623 vom 2024-01-30",
        "url": "https://access.redhat.com/errata/RHSA-2024:0623"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0565 vom 2024-01-30",
        "url": "https://access.redhat.com/errata/RHSA-2024:0565"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-0602 vom 2024-01-31",
        "url": "https://linux.oracle.com/errata/ELSA-2024-0602.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-0609 vom 2024-01-31",
        "url": "https://linux.oracle.com/errata/ELSA-2024-0609.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-0600 vom 2024-01-31",
        "url": "https://linux.oracle.com/errata/ELSA-2024-0600.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-3727 vom 2024-01-31",
        "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-0608 vom 2024-01-31",
        "url": "https://linux.oracle.com/errata/ELSA-2024-0608.html"
      },
      {
        "category": "external",
        "summary": "CentOS Security Advisory CESA-2024:0600 vom 2024-02-05",
        "url": "https://lists.centos.org/pipermail/centos-announce/2024-February/099220.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS-2024-2440 vom 2024-02-06",
        "url": "https://alas.aws.amazon.com/AL2/ALAS-2024-2440.html"
      },
      {
        "category": "external",
        "summary": "CentOS Security Advisory CESA-2024:0600 vom 2024-02-05",
        "url": "https://lists.centos.org/pipermail/centos-announce/2024-February/099221.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALASFIREFOX-2024-021 vom 2024-02-06",
        "url": "https://alas.aws.amazon.com/AL2/ALASFIREFOX-2024-021.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6610-2 vom 2024-02-07",
        "url": "https://ubuntu.com/security/notices/USN-6610-2"
      },
      {
        "category": "external",
        "summary": "Rocky Linux Security Advisory RLSA-2024:0609 vom 2024-02-12",
        "url": "https://errata.build.resf.org/RLSA-2024:0609"
      },
      {
        "category": "external",
        "summary": "Rocky Linux Security Advisory RLSA-2024:0608 vom 2024-02-12",
        "url": "https://errata.build.resf.org/RLSA-2024:0608"
      },
      {
        "category": "external",
        "summary": "Gentoo Linux Security Advisory GLSA-202402-25 vom 2024-02-19",
        "url": "https://security.gentoo.org/glsa/202402-25"
      },
      {
        "category": "external",
        "summary": "Gentoo Linux Security Advisory GLSA-202402-26 vom 2024-02-19",
        "url": "https://security.gentoo.org/glsa/202402-26"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6669-1 vom 2024-03-04",
        "url": "https://ubuntu.com/security/notices/USN-6669-1"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-3757 vom 2024-03-11",
        "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00010.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-3775 vom 2024-03-25",
        "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00028.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-1484 vom 2024-03-27",
        "url": "https://linux.oracle.com/errata/ELSA-2024-1484.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:1002-1 vom 2024-03-27",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018221.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-3937 vom 2024-10-28",
        "url": "https://lists.debian.org/debian-lts-announce/2024/10/msg00028.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-5807 vom 2024-11-10",
        "url": "https://security-tracker.debian.org/tracker/DSA-5807-1"
      },
      {
        "category": "external",
        "summary": "openSUSE Security Update OPENSUSE-SU-2024:14572-1 vom 2024-12-13",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3HI2RC7AJAHY74Q6MK7GNGWU6TITB22V/"
      }
    ],
    "source_lang": "en-US",
    "title": "Mozilla Firefox: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-12-15T23:00:00.000+00:00",
      "generator": {
        "date": "2024-12-16T09:17:39.300+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.10"
        }
      },
      "id": "WID-SEC-W-2024-0185",
      "initial_release_date": "2024-01-23T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-01-23T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-01-24T23:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Debian, SUSE und Fedora aufgenommen"
        },
        {
          "date": "2024-01-25T23:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-01-28T23:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-01-29T23:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-01-30T23:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von Red Hat und Oracle Linux aufgenommen"
        },
        {
          "date": "2024-01-31T23:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von Oracle Linux und Debian aufgenommen"
        },
        {
          "date": "2024-02-05T23:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von CentOS und Amazon aufgenommen"
        },
        {
          "date": "2024-02-06T23:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-02-12T23:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
        },
        {
          "date": "2024-02-18T23:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von Gentoo aufgenommen"
        },
        {
          "date": "2024-03-03T23:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-03-10T23:00:00.000+00:00",
          "number": "13",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2024-03-25T23:00:00.000+00:00",
          "number": "14",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2024-03-26T23:00:00.000+00:00",
          "number": "15",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2024-10-28T23:00:00.000+00:00",
          "number": "16",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2024-11-10T23:00:00.000+00:00",
          "number": "17",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2024-12-15T23:00:00.000+00:00",
          "number": "18",
          "summary": "Neue Updates von openSUSE aufgenommen"
        }
      ],
      "status": "final",
      "version": "18"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Amazon Linux 2",
            "product": {
              "name": "Amazon Linux 2",
              "product_id": "398363",
              "product_identification_helper": {
                "cpe": "cpe:/o:amazon:linux_2:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Amazon"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Fedora Linux",
            "product": {
              "name": "Fedora Linux",
              "product_id": "74185",
              "product_identification_helper": {
                "cpe": "cpe:/o:fedoraproject:fedora:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Fedora"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Gentoo Linux",
            "product": {
              "name": "Gentoo Linux",
              "product_id": "T012167",
              "product_identification_helper": {
                "cpe": "cpe:/o:gentoo:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Gentoo"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c122",
                "product": {
                  "name": "Mozilla Firefox \u003c122",
                  "product_id": "T032299"
                }
              },
              {
                "category": "product_version",
                "name": "122",
                "product": {
                  "name": "Mozilla Firefox 122",
                  "product_id": "T032299-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:mozilla:firefox:122"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Firefox"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c115.7",
                "product": {
                  "name": "Mozilla Firefox ESR \u003c115.7",
                  "product_id": "T032300"
                }
              },
              {
                "category": "product_version",
                "name": "115.7",
                "product": {
                  "name": "Mozilla Firefox ESR 115.7",
                  "product_id": "T032300-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:mozilla:firefox_esr:115.7"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Firefox ESR"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c115.7",
                "product": {
                  "name": "Mozilla Thunderbird \u003c115.7",
                  "product_id": "T032301"
                }
              },
              {
                "category": "product_version",
                "name": "115.7",
                "product": {
                  "name": "Mozilla Thunderbird 115.7",
                  "product_id": "T032301-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:mozilla:thunderbird:115.7"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Thunderbird"
          }
        ],
        "category": "vendor",
        "name": "Mozilla"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Open Source CentOS",
            "product": {
              "name": "Open Source CentOS",
              "product_id": "1727",
              "product_identification_helper": {
                "cpe": "cpe:/o:centos:centos:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "RESF Rocky Linux",
            "product": {
              "name": "RESF Rocky Linux",
              "product_id": "T032255",
              "product_identification_helper": {
                "cpe": "cpe:/o:resf:rocky_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "RESF"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "SUSE openSUSE",
            "product": {
              "name": "SUSE openSUSE",
              "product_id": "T027843",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:opensuse:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Ubuntu Linux",
            "product": {
              "name": "Ubuntu Linux",
              "product_id": "T000126",
              "product_identification_helper": {
                "cpe": "cpe:/o:canonical:ubuntu_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Ubuntu"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-0741",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird. Diese Fehler bestehen unter anderem in verschiedenen Komponenten wie WebAudio oder ANGLE. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand auszul\u00f6sen, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032300",
          "T032301",
          "67646",
          "T012167",
          "T004914",
          "T032255",
          "T032299",
          "74185",
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "1727"
        ]
      },
      "release_date": "2024-01-23T23:00:00.000+00:00",
      "title": "CVE-2024-0741"
    },
    {
      "cve": "CVE-2024-0742",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird. Diese Fehler bestehen unter anderem in verschiedenen Komponenten wie WebAudio oder ANGLE. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand auszul\u00f6sen, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032300",
          "T032301",
          "67646",
          "T012167",
          "T004914",
          "T032255",
          "T032299",
          "74185",
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "1727"
        ]
      },
      "release_date": "2024-01-23T23:00:00.000+00:00",
      "title": "CVE-2024-0742"
    },
    {
      "cve": "CVE-2024-0743",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird. Diese Fehler bestehen unter anderem in verschiedenen Komponenten wie WebAudio oder ANGLE. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand auszul\u00f6sen, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032300",
          "T032301",
          "67646",
          "T012167",
          "T004914",
          "T032255",
          "T032299",
          "74185",
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "1727"
        ]
      },
      "release_date": "2024-01-23T23:00:00.000+00:00",
      "title": "CVE-2024-0743"
    },
    {
      "cve": "CVE-2024-0744",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird. Diese Fehler bestehen unter anderem in verschiedenen Komponenten wie WebAudio oder ANGLE. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand auszul\u00f6sen, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032300",
          "T032301",
          "67646",
          "T012167",
          "T004914",
          "T032255",
          "T032299",
          "74185",
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "1727"
        ]
      },
      "release_date": "2024-01-23T23:00:00.000+00:00",
      "title": "CVE-2024-0744"
    },
    {
      "cve": "CVE-2024-0745",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird. Diese Fehler bestehen unter anderem in verschiedenen Komponenten wie WebAudio oder ANGLE. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand auszul\u00f6sen, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032300",
          "T032301",
          "67646",
          "T012167",
          "T004914",
          "T032255",
          "T032299",
          "74185",
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "1727"
        ]
      },
      "release_date": "2024-01-23T23:00:00.000+00:00",
      "title": "CVE-2024-0745"
    },
    {
      "cve": "CVE-2024-0746",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird. Diese Fehler bestehen unter anderem in verschiedenen Komponenten wie WebAudio oder ANGLE. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand auszul\u00f6sen, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032300",
          "T032301",
          "67646",
          "T012167",
          "T004914",
          "T032255",
          "T032299",
          "74185",
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "1727"
        ]
      },
      "release_date": "2024-01-23T23:00:00.000+00:00",
      "title": "CVE-2024-0746"
    },
    {
      "cve": "CVE-2024-0747",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird. Diese Fehler bestehen unter anderem in verschiedenen Komponenten wie WebAudio oder ANGLE. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand auszul\u00f6sen, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032300",
          "T032301",
          "67646",
          "T012167",
          "T004914",
          "T032255",
          "T032299",
          "74185",
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "1727"
        ]
      },
      "release_date": "2024-01-23T23:00:00.000+00:00",
      "title": "CVE-2024-0747"
    },
    {
      "cve": "CVE-2024-0748",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird. Diese Fehler bestehen unter anderem in verschiedenen Komponenten wie WebAudio oder ANGLE. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand auszul\u00f6sen, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032300",
          "T032301",
          "67646",
          "T012167",
          "T004914",
          "T032255",
          "T032299",
          "74185",
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "1727"
        ]
      },
      "release_date": "2024-01-23T23:00:00.000+00:00",
      "title": "CVE-2024-0748"
    },
    {
      "cve": "CVE-2024-0749",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird. Diese Fehler bestehen unter anderem in verschiedenen Komponenten wie WebAudio oder ANGLE. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand auszul\u00f6sen, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032300",
          "T032301",
          "67646",
          "T012167",
          "T004914",
          "T032255",
          "T032299",
          "74185",
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "1727"
        ]
      },
      "release_date": "2024-01-23T23:00:00.000+00:00",
      "title": "CVE-2024-0749"
    },
    {
      "cve": "CVE-2024-0750",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird. Diese Fehler bestehen unter anderem in verschiedenen Komponenten wie WebAudio oder ANGLE. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand auszul\u00f6sen, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032300",
          "T032301",
          "67646",
          "T012167",
          "T004914",
          "T032255",
          "T032299",
          "74185",
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "1727"
        ]
      },
      "release_date": "2024-01-23T23:00:00.000+00:00",
      "title": "CVE-2024-0750"
    },
    {
      "cve": "CVE-2024-0751",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird. Diese Fehler bestehen unter anderem in verschiedenen Komponenten wie WebAudio oder ANGLE. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand auszul\u00f6sen, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032300",
          "T032301",
          "67646",
          "T012167",
          "T004914",
          "T032255",
          "T032299",
          "74185",
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "1727"
        ]
      },
      "release_date": "2024-01-23T23:00:00.000+00:00",
      "title": "CVE-2024-0751"
    },
    {
      "cve": "CVE-2024-0752",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird. Diese Fehler bestehen unter anderem in verschiedenen Komponenten wie WebAudio oder ANGLE. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand auszul\u00f6sen, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032300",
          "T032301",
          "67646",
          "T012167",
          "T004914",
          "T032255",
          "T032299",
          "74185",
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "1727"
        ]
      },
      "release_date": "2024-01-23T23:00:00.000+00:00",
      "title": "CVE-2024-0752"
    },
    {
      "cve": "CVE-2024-0753",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird. Diese Fehler bestehen unter anderem in verschiedenen Komponenten wie WebAudio oder ANGLE. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand auszul\u00f6sen, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032300",
          "T032301",
          "67646",
          "T012167",
          "T004914",
          "T032255",
          "T032299",
          "74185",
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "1727"
        ]
      },
      "release_date": "2024-01-23T23:00:00.000+00:00",
      "title": "CVE-2024-0753"
    },
    {
      "cve": "CVE-2024-0754",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird. Diese Fehler bestehen unter anderem in verschiedenen Komponenten wie WebAudio oder ANGLE. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand auszul\u00f6sen, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032300",
          "T032301",
          "67646",
          "T012167",
          "T004914",
          "T032255",
          "T032299",
          "74185",
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "1727"
        ]
      },
      "release_date": "2024-01-23T23:00:00.000+00:00",
      "title": "CVE-2024-0754"
    },
    {
      "cve": "CVE-2024-0755",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird. Diese Fehler bestehen unter anderem in verschiedenen Komponenten wie WebAudio oder ANGLE. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand auszul\u00f6sen, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032300",
          "T032301",
          "67646",
          "T012167",
          "T004914",
          "T032255",
          "T032299",
          "74185",
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "1727"
        ]
      },
      "release_date": "2024-01-23T23:00:00.000+00:00",
      "title": "CVE-2024-0755"
    }
  ]
}

FKIE_CVE-2024-0748

Vulnerability from fkie_nvd - Published: 2024-01-23 14:15 - Updated: 2025-06-11 16:15

Severity ?

4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Summary

A compromised content process could have updated the document URI. This could have allowed an attacker to set an arbitrary URI in the address bar or history. This vulnerability affects Firefox < 122.

References

URL	Tags
security@mozilla.org	https://bugzilla.mozilla.org/show_bug.cgi?id=1783504	Issue Tracking, Permissions Required
security@mozilla.org	https://www.mozilla.org/security/advisories/mfsa2024-01/	Release Notes, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.mozilla.org/show_bug.cgi?id=1783504	Issue Tracking, Permissions Required
af854a3a-2127-422b-91ae-364da2661108	https://www.mozilla.org/security/advisories/mfsa2024-01/	Release Notes, Vendor Advisory

Impacted products

	Vendor	Product	Version
	mozilla	firefox	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EEF7698D-52B1-4E62-8ADD-782A4BC59AD8",
              "versionEndExcluding": "122.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A compromised content process could have updated the document URI. This could have allowed an attacker to set an arbitrary URI in the address bar or history. This vulnerability affects Firefox \u003c 122."
    },
    {
      "lang": "es",
      "value": "Un proceso de contenido comprometido podr\u00eda haber actualizado el URI del documento. Esto podr\u00eda haber permitido a un atacante establecer un URI arbitrario en la barra de direcciones o en el historial. Esta vulnerabilidad afecta a Firefox \u0026lt; 122."
    }
  ],
  "id": "CVE-2024-0748",
  "lastModified": "2025-06-11T16:15:23.200",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-01-23T14:15:38.507",
  "references": [
    {
      "source": "security@mozilla.org",
      "tags": [
        "Issue Tracking",
        "Permissions Required"
      ],
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1783504"
    },
    {
      "source": "security@mozilla.org",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://www.mozilla.org/security/advisories/mfsa2024-01/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Permissions Required"
      ],
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1783504"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://www.mozilla.org/security/advisories/mfsa2024-01/"
    }
  ],
  "sourceIdentifier": "security@mozilla.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

OPENSUSE-SU-2024:14572-1

Vulnerability from csaf_opensuse - Published: 2024-12-12 00:00 - Updated: 2024-12-12 00:00

Summary

firefox-esr-128.5.1-1.1 on GA media

Notes

Title of the patch

firefox-esr-128.5.1-1.1 on GA media

Description of the patch

These are all security issues fixed in the firefox-esr-128.5.1-1.1 package on the GA media of openSUSE Tumbleweed.

Patchnames

openSUSE-Tumbleweed-2024-14572

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "firefox-esr-128.5.1-1.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the firefox-esr-128.5.1-1.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2024-14572",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_14572-1.json"
      },
      {
        "category": "self",
        "summary": "URL for openSUSE-SU-2024:14572-1",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3HI2RC7AJAHY74Q6MK7GNGWU6TITB22V/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for openSUSE-SU-2024:14572-1",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3HI2RC7AJAHY74Q6MK7GNGWU6TITB22V/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2006-6077 page",
        "url": "https://www.suse.com/security/cve/CVE-2006-6077/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2007-0008 page",
        "url": "https://www.suse.com/security/cve/CVE-2007-0008/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2007-0009 page",
        "url": "https://www.suse.com/security/cve/CVE-2007-0009/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2007-0078 page",
        "url": "https://www.suse.com/security/cve/CVE-2007-0078/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2007-0079 page",
        "url": "https://www.suse.com/security/cve/CVE-2007-0079/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2007-0775 page",
        "url": "https://www.suse.com/security/cve/CVE-2007-0775/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2007-0776 page",
        "url": "https://www.suse.com/security/cve/CVE-2007-0776/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2007-0777 page",
        "url": "https://www.suse.com/security/cve/CVE-2007-0777/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2007-0780 page",
        "url": "https://www.suse.com/security/cve/CVE-2007-0780/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2007-0800 page",
        "url": "https://www.suse.com/security/cve/CVE-2007-0800/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2007-0981 page",
        "url": "https://www.suse.com/security/cve/CVE-2007-0981/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2007-0995 page",
        "url": "https://www.suse.com/security/cve/CVE-2007-0995/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2007-0996 page",
        "url": "https://www.suse.com/security/cve/CVE-2007-0996/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2007-3089 page",
        "url": "https://www.suse.com/security/cve/CVE-2007-3089/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2007-3285 page",
        "url": "https://www.suse.com/security/cve/CVE-2007-3285/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2007-3656 page",
        "url": "https://www.suse.com/security/cve/CVE-2007-3656/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2007-3670 page",
        "url": "https://www.suse.com/security/cve/CVE-2007-3670/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2007-3734 page",
        "url": "https://www.suse.com/security/cve/CVE-2007-3734/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2007-3735 page",
        "url": "https://www.suse.com/security/cve/CVE-2007-3735/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2007-3736 page",
        "url": "https://www.suse.com/security/cve/CVE-2007-3736/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2007-3737 page",
        "url": "https://www.suse.com/security/cve/CVE-2007-3737/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2007-3738 page",
        "url": "https://www.suse.com/security/cve/CVE-2007-3738/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2008-0412 page",
        "url": "https://www.suse.com/security/cve/CVE-2008-0412/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2008-0414 page",
        "url": "https://www.suse.com/security/cve/CVE-2008-0414/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2008-0415 page",
        "url": "https://www.suse.com/security/cve/CVE-2008-0415/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2008-0417 page",
        "url": "https://www.suse.com/security/cve/CVE-2008-0417/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2008-0418 page",
        "url": "https://www.suse.com/security/cve/CVE-2008-0418/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2008-0419 page",
        "url": "https://www.suse.com/security/cve/CVE-2008-0419/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2008-0591 page",
        "url": "https://www.suse.com/security/cve/CVE-2008-0591/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2008-0592 page",
        "url": "https://www.suse.com/security/cve/CVE-2008-0592/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2008-0593 page",
        "url": "https://www.suse.com/security/cve/CVE-2008-0593/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2008-0594 page",
        "url": "https://www.suse.com/security/cve/CVE-2008-0594/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2008-4063 page",
        "url": "https://www.suse.com/security/cve/CVE-2008-4063/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2008-5913 page",
        "url": "https://www.suse.com/security/cve/CVE-2008-5913/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2009-0040 page",
        "url": "https://www.suse.com/security/cve/CVE-2009-0040/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2009-0352 page",
        "url": "https://www.suse.com/security/cve/CVE-2009-0352/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2009-0354 page",
        "url": "https://www.suse.com/security/cve/CVE-2009-0354/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2009-0355 page",
        "url": "https://www.suse.com/security/cve/CVE-2009-0355/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2009-0356 page",
        "url": "https://www.suse.com/security/cve/CVE-2009-0356/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2009-0357 page",
        "url": "https://www.suse.com/security/cve/CVE-2009-0357/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2009-0358 page",
        "url": "https://www.suse.com/security/cve/CVE-2009-0358/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2009-0652 page",
        "url": "https://www.suse.com/security/cve/CVE-2009-0652/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2009-0771 page",
        "url": "https://www.suse.com/security/cve/CVE-2009-0771/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2009-0772 page",
        "url": "https://www.suse.com/security/cve/CVE-2009-0772/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2009-0773 page",
        "url": "https://www.suse.com/security/cve/CVE-2009-0773/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2009-0774 page",
        "url": "https://www.suse.com/security/cve/CVE-2009-0774/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2009-0775 page",
        "url": "https://www.suse.com/security/cve/CVE-2009-0775/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2009-0776 page",
        "url": "https://www.suse.com/security/cve/CVE-2009-0776/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2009-0777 page",
        "url": "https://www.suse.com/security/cve/CVE-2009-0777/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2009-1044 page",
        "url": "https://www.suse.com/security/cve/CVE-2009-1044/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2009-1169 page",
        "url": "https://www.suse.com/security/cve/CVE-2009-1169/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2009-1302 page",
        "url": "https://www.suse.com/security/cve/CVE-2009-1302/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2009-1306 page",
        "url": "https://www.suse.com/security/cve/CVE-2009-1306/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2009-1307 page",
        "url": "https://www.suse.com/security/cve/CVE-2009-1307/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2009-1308 page",
        "url": "https://www.suse.com/security/cve/CVE-2009-1308/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2009-1309 page",
        "url": "https://www.suse.com/security/cve/CVE-2009-1309/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2009-1310 page",
        "url": "https://www.suse.com/security/cve/CVE-2009-1310/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2009-1311 page",
        "url": "https://www.suse.com/security/cve/CVE-2009-1311/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2009-1312 page",
        "url": "https://www.suse.com/security/cve/CVE-2009-1312/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2009-1313 page",
        "url": "https://www.suse.com/security/cve/CVE-2009-1313/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2009-1563 page",
        "url": "https://www.suse.com/security/cve/CVE-2009-1563/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2009-2470 page",
        "url": "https://www.suse.com/security/cve/CVE-2009-2470/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2009-2654 page",
        "url": "https://www.suse.com/security/cve/CVE-2009-2654/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2009-3069 page",
        "url": "https://www.suse.com/security/cve/CVE-2009-3069/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2009-3072 page",
        "url": "https://www.suse.com/security/cve/CVE-2009-3072/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2009-3077 page",
        "url": "https://www.suse.com/security/cve/CVE-2009-3077/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2009-3078 page",
        "url": "https://www.suse.com/security/cve/CVE-2009-3078/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2009-3079 page",
        "url": "https://www.suse.com/security/cve/CVE-2009-3079/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2009-3274 page",
        "url": "https://www.suse.com/security/cve/CVE-2009-3274/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2009-3370 page",
        "url": "https://www.suse.com/security/cve/CVE-2009-3370/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2009-3371 page",
        "url": "https://www.suse.com/security/cve/CVE-2009-3371/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2009-3372 page",
        "url": "https://www.suse.com/security/cve/CVE-2009-3372/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2009-3373 page",
        "url": "https://www.suse.com/security/cve/CVE-2009-3373/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2009-3374 page",
        "url": "https://www.suse.com/security/cve/CVE-2009-3374/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2009-3375 page",
        "url": "https://www.suse.com/security/cve/CVE-2009-3375/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2009-3376 page",
        "url": "https://www.suse.com/security/cve/CVE-2009-3376/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2009-3377 page",
        "url": "https://www.suse.com/security/cve/CVE-2009-3377/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2009-3380 page",
        "url": "https://www.suse.com/security/cve/CVE-2009-3380/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2009-3388 page",
        "url": "https://www.suse.com/security/cve/CVE-2009-3388/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2009-3389 page",
        "url": "https://www.suse.com/security/cve/CVE-2009-3389/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2009-3555 page",
        "url": "https://www.suse.com/security/cve/CVE-2009-3555/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2009-3979 page",
        "url": "https://www.suse.com/security/cve/CVE-2009-3979/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2009-3983 page",
        "url": "https://www.suse.com/security/cve/CVE-2009-3983/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2009-3984 page",
        "url": "https://www.suse.com/security/cve/CVE-2009-3984/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-0164 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-0164/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-0165 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-0165/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-0168 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-0168/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-0169 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-0169/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-0170 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-0170/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-0171 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-0171/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-0172 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-0172/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-0173 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-0173/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-0176 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-0176/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-0177 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-0177/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-0178 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-0178/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-0181 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-0181/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-0182 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-0182/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-0654 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-0654/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-1028 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-1028/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-1121 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-1121/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-1125 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-1125/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-1196 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-1196/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-1197 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-1197/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-1198 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-1198/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-1199 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-1199/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-1200 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-1200/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-1203 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-1203/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-1205 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-1205/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-1206 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-1206/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-1207 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-1207/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-1208 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-1208/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-1209 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-1209/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-1210 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-1210/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-1211 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-1211/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-1213 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-1213/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-1214 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-1214/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-1215 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-1215/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-2752 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-2752/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-2753 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-2753/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-2754 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-2754/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-2755 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-2755/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-2760 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-2760/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-2762 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-2762/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-2764 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-2764/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-2765 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-2765/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-2766 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-2766/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-2767 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-2767/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-2768 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-2768/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-2769 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-2769/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-3166 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-3166/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-3167 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-3167/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-3168 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-3168/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-3169 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-3169/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-3170 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-3170/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-3173 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-3173/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-3174 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-3174/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-3177 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-3177/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-3178 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-3178/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-3179 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-3179/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-3180 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-3180/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-3182 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-3182/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-3183 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-3183/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-3765 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-3765/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2011-0068 page",
        "url": "https://www.suse.com/security/cve/CVE-2011-0068/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2011-0069 page",
        "url": "https://www.suse.com/security/cve/CVE-2011-0069/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2011-0080 page",
        "url": "https://www.suse.com/security/cve/CVE-2011-0080/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2011-0084 page",
        "url": "https://www.suse.com/security/cve/CVE-2011-0084/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2011-1187 page",
        "url": "https://www.suse.com/security/cve/CVE-2011-1187/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2011-1202 page",
        "url": "https://www.suse.com/security/cve/CVE-2011-1202/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2011-2366 page",
        "url": "https://www.suse.com/security/cve/CVE-2011-2366/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2011-2367 page",
        "url": "https://www.suse.com/security/cve/CVE-2011-2367/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2011-2369 page",
        "url": "https://www.suse.com/security/cve/CVE-2011-2369/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2011-2370 page",
        "url": "https://www.suse.com/security/cve/CVE-2011-2370/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2011-2371 page",
        "url": "https://www.suse.com/security/cve/CVE-2011-2371/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2011-2372 page",
        "url": "https://www.suse.com/security/cve/CVE-2011-2372/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2011-2373 page",
        "url": "https://www.suse.com/security/cve/CVE-2011-2373/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2011-2374 page",
        "url": "https://www.suse.com/security/cve/CVE-2011-2374/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2011-2377 page",
        "url": "https://www.suse.com/security/cve/CVE-2011-2377/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2011-2986 page",
        "url": "https://www.suse.com/security/cve/CVE-2011-2986/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2011-2988 page",
        "url": "https://www.suse.com/security/cve/CVE-2011-2988/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2011-2989 page",
        "url": "https://www.suse.com/security/cve/CVE-2011-2989/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2011-2990 page",
        "url": "https://www.suse.com/security/cve/CVE-2011-2990/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2011-2993 page",
        "url": "https://www.suse.com/security/cve/CVE-2011-2993/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2011-2995 page",
        "url": "https://www.suse.com/security/cve/CVE-2011-2995/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2011-3000 page",
        "url": "https://www.suse.com/security/cve/CVE-2011-3000/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2011-3002 page",
        "url": "https://www.suse.com/security/cve/CVE-2011-3002/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2011-3004 page",
        "url": "https://www.suse.com/security/cve/CVE-2011-3004/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2011-3005 page",
        "url": "https://www.suse.com/security/cve/CVE-2011-3005/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2011-3026 page",
        "url": "https://www.suse.com/security/cve/CVE-2011-3026/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2011-3062 page",
        "url": "https://www.suse.com/security/cve/CVE-2011-3062/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2011-3079 page",
        "url": "https://www.suse.com/security/cve/CVE-2011-3079/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2011-3232 page",
        "url": "https://www.suse.com/security/cve/CVE-2011-3232/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2011-3648 page",
        "url": "https://www.suse.com/security/cve/CVE-2011-3648/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2011-3650 page",
        "url": "https://www.suse.com/security/cve/CVE-2011-3650/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2011-3651 page",
        "url": "https://www.suse.com/security/cve/CVE-2011-3651/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2011-3655 page",
        "url": "https://www.suse.com/security/cve/CVE-2011-3655/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2011-3658 page",
        "url": "https://www.suse.com/security/cve/CVE-2011-3658/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2011-3659 page",
        "url": "https://www.suse.com/security/cve/CVE-2011-3659/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2011-3660 page",
        "url": "https://www.suse.com/security/cve/CVE-2011-3660/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2011-3661 page",
        "url": "https://www.suse.com/security/cve/CVE-2011-3661/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2011-3663 page",
        "url": "https://www.suse.com/security/cve/CVE-2011-3663/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-0441 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-0441/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-0442 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-0442/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-0444 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-0444/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-0445 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-0445/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-0446 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-0446/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-0447 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-0447/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-0449 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-0449/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-0451 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-0451/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-0452 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-0452/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-0455 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-0455/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-0456 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-0456/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-0458 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-0458/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-0459 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-0459/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-0460 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-0460/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-0461 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-0461/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-0463 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-0463/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-0467 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-0467/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-0469 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-0469/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-0470 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-0470/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-0471 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-0471/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-0472 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-0472/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-0473 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-0473/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-0474 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-0474/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-0475 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-0475/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-0477 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-0477/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-0478 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-0478/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-0479 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-0479/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-0759 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-0759/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-1938 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-1938/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-1944 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-1944/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-1945 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-1945/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-1946 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-1946/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-1947 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-1947/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-1949 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-1949/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-1950 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-1950/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-1951 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-1951/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-1955 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-1955/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-1956 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-1956/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-1957 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-1957/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-1958 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-1958/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-1959 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-1959/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-1960 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-1960/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-1961 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-1961/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-1962 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-1962/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-1963 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-1963/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-1965 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-1965/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-1966 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-1966/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-1967 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-1967/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-1970 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-1970/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-1972 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-1972/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-1976 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-1976/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-3960 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-3960/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-3965 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-3965/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-3966 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-3966/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-3967 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-3967/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-3969 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-3969/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-3971 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-3971/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-3972 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-3972/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-3973 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-3973/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-3975 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-3975/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-3976 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-3976/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-3978 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-3978/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-3980 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-3980/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-3982 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-3982/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-3984 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-3984/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-3985 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-3985/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-3986 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-3986/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-3988 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-3988/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-3989 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-3989/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-3990 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-3990/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-3991 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-3991/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-3992 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-3992/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-3993 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-3993/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-3994 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-3994/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-3995 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-3995/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-4181 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-4181/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-4185 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-4185/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-4188 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-4188/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-4191 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-4191/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-4192 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-4192/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-4194 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-4194/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-4201 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-4201/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-4202 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-4202/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-4203 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-4203/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-4204 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-4204/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-4205 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-4205/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-4207 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-4207/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-4208 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-4208/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-4209 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-4209/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-4210 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-4210/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-4213 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-4213/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-4214 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-4214/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-5829 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-5829/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-5830 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-5830/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-5836 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-5836/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-5837 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-5837/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-5841 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-5841/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-5842 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-5842/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-0743 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-0743/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-0744 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-0744/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-0745 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-0745/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-0746 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-0746/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-0747 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-0747/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-0748 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-0748/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-0749 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-0749/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-0750 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-0750/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-0751 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-0751/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-0752 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-0752/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-0753 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-0753/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-0754 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-0754/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-0755 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-0755/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-0756 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-0756/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-0757 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-0757/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-0758 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-0758/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-0760 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-0760/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-0761 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-0761/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-0764 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-0764/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-0765 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-0765/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-0768 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-0768/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-0772 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-0772/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-0773 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-0773/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-0774 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-0774/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-0775 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-0775/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-0776 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-0776/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-0778 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-0778/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-0780 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-0780/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-0783 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-0783/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-0787 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-0787/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-0788 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-0788/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-0792 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-0792/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-0793 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-0793/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-0794 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-0794/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-0795 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-0795/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-0796 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-0796/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-0800 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-0800/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-0801 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-0801/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-1670 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-1670/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-1671 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-1671/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-1674 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-1674/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-1675 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-1675/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-1676 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-1676/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-1679 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-1679/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-1682 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-1682/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-1684 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-1684/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-1687 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-1687/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-1688 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-1688/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-1690 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-1690/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-1692 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-1692/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-1693 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-1693/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-1694 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-1694/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-1695 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-1695/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-1696 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-1696/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-1697 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-1697/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-1698 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-1698/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-1699 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-1699/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-1701 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-1701/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-1704 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-1704/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-1705 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-1705/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-1708 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-1708/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-1709 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-1709/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-1710 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-1710/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-1711 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-1711/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-1713 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-1713/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-1714 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-1714/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-1717 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-1717/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-1718 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-1718/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-1720 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-1720/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-1721 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-1721/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-1722 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-1722/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-1723 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-1723/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-1724 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-1724/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-1725 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-1725/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-1728 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-1728/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-1730 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-1730/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-1732 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-1732/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-1735 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-1735/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-1737 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-1737/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-1738 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-1738/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-5590 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-5590/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-5593 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-5593/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-5595 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-5595/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-5596 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-5596/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-5597 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-5597/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-5598 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-5598/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-5599 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-5599/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-5602 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-5602/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-5603 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-5603/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-5604 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-5604/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-5609 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-5609/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-5611 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-5611/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-5612 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-5612/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-5613 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-5613/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-5614 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-5614/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-5615 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-5615/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-5616 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-5616/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-5618 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-5618/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-5619 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-5619/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-6629 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-6629/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-6671 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-6671/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-6672 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-6672/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-6673 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-6673/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1477 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1477/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1479 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1479/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1480 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1480/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1481 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1481/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1482 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1482/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1483 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1483/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1484 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1484/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1485 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1485/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1486 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1486/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1487 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1487/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1488 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1488/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1489 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1489/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1490 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1490/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1492 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1492/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1493 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1493/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1497 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1497/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1498 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1498/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1499 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1499/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1500 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1500/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1502 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1502/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1504 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1504/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1505 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1505/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1508 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1508/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1509 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1509/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1510 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1510/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1512 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1512/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1513 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1513/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1514 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1514/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1518 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1518/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1522 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1522/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1523 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1523/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1524 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1524/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1525 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1525/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1526 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1526/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1528 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1528/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1529 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1529/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1530 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1530/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1531 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1531/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1532 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1532/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1533 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1533/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1536 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1536/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1539 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1539/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1540 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1540/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1541 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1541/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1542 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1542/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1543 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1543/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1544 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1544/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1545 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1545/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1547 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1547/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1549 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1549/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1550 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1550/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1552 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1552/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1553 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1553/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1555 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1555/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1556 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1556/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1557 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1557/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1558 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1558/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1561 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1561/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1563 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1563/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1564 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1564/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1565 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1565/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1567 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1567/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1574 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1574/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1576 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1576/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1577 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1577/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1578 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1578/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1580 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1580/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1581 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1581/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1582 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1582/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1583 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1583/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1585 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1585/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1587 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1587/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1589 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1589/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1590 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1590/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1591 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1591/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1592 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1592/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1593 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1593/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-1594 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-1594/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-8634 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-8634/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-8636 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-8636/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-8637 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-8637/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-8638 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-8638/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-8639 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-8639/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-8640 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-8640/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-8641 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-8641/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-8642 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-8642/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-8643 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-8643/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-0798 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-0798/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-0799 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-0799/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-0800 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-0800/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-0801 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-0801/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-0802 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-0802/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-0803 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-0803/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-0805 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-0805/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-0807 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-0807/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-0808 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-0808/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-0810 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-0810/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-0811 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-0811/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-0812 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-0812/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-0813 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-0813/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-0814 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-0814/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-0816 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-0816/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-0817 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-0817/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-0818 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-0818/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-0819 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-0819/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-0820 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-0820/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-0821 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-0821/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-0822 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-0822/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-0823 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-0823/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-0824 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-0824/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-0825 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-0825/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-0826 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-0826/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-0827 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-0827/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-0828 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-0828/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-0829 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-0829/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-0830 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-0830/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-0831 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-0831/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-0832 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-0832/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-0833 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-0833/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-0834 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-0834/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-0835 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-0835/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-2706 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-2706/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-2708 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-2708/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-2710 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-2710/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-2711 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-2711/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-2712 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-2712/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-2713 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-2713/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-2715 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-2715/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-2716 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-2716/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-2717 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-2717/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-2718 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-2718/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-2721 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-2721/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-2722 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-2722/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-2724 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-2724/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-2727 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-2727/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-2728 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-2728/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-2729 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-2729/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-2730 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-2730/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-2731 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-2731/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-2734 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-2734/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-2738 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-2738/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-2741 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-2741/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-2742 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-2742/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-2743 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-2743/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-4000 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-4000/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-4473 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-4473/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-4475 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-4475/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-4476 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-4476/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-4477 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-4477/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-4478 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-4478/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-4479 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-4479/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-4481 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-4481/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-4482 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-4482/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-4483 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-4483/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-4484 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-4484/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-4485 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-4485/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-4487 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-4487/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-4490 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-4490/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-4491 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-4491/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-4492 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-4492/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-4495 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-4495/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-4497 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-4497/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-4498 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-4498/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-4500 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-4500/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-4502 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-4502/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-4503 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-4503/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-4504 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-4504/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-4505 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-4505/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-4506 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-4506/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-4507 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-4507/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-4508 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-4508/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-4509 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-4509/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-4510 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-4510/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-4511 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-4511/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-4512 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-4512/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-4513 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-4513/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-4515 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-4515/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-4516 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-4516/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-4517 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-4517/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-4518 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-4518/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-4519 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-4519/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-4520 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-4520/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7174 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7174/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7178 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7178/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7180 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7180/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7181 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7181/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7184 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7184/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7185 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7185/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7186 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7186/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7187 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7187/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7188 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7188/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7189 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7189/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7190 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7190/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7191 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7191/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7192 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7192/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7193 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7193/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7194 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7194/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7195 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7195/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7196 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7196/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7197 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7197/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7198 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7198/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7201 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7201/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7203 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7203/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7204 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7204/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7205 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7205/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7207 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7207/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7208 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7208/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7210 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7210/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7211 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7211/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7212 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7212/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7213 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7213/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7214 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7214/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7215 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7215/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7216 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7216/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7218 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7218/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7222 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7222/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7223 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7223/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7575 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7575/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-0718 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-0718/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-1930 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-1930/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-1933 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-1933/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-1935 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-1935/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-1937 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-1937/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-1938 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-1938/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-1942 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-1942/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-1944 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-1944/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-1947 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-1947/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-1949 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-1949/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-1950 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-1950/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-1952 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-1952/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-1954 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-1954/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-1955 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-1955/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-1956 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-1956/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-1957 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-1957/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-1958 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-1958/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-1959 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-1959/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-1960 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-1960/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-1961 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-1961/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-1962 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-1962/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-1963 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-1963/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-1964 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-1964/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-1965 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-1965/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-1966 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-1966/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-1967 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-1967/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-1968 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-1968/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-1970 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-1970/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-1973 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-1973/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-1974 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-1974/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-1976 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-1976/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-1977 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-1977/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-1979 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-1979/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2792 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2792/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2796 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2796/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2800 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2800/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2804 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2804/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2808 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2808/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2809 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2809/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2810 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2810/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2811 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2811/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2813 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2813/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2814 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2814/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2815 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2815/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2816 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2816/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2817 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2817/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2819 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2819/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2820 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2820/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2821 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2821/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2822 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2822/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2824 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2824/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2825 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2825/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2827 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2827/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2828 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2828/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2829 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2829/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2830 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2830/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2831 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2831/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2832 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2832/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2833 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2833/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2834 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2834/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2835 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2835/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2837 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2837/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2838 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2838/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2839 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2839/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-5250 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-5250/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-5251 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-5251/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-5252 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-5252/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-5253 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-5253/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-5254 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-5254/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-5255 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-5255/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-5256 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-5256/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-5257 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-5257/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-5258 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-5258/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-5259 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-5259/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-5260 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-5260/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-5261 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-5261/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-5262 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-5262/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-5263 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-5263/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-5264 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-5264/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-5265 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-5265/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-5266 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-5266/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-5267 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-5267/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-5268 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-5268/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-5270 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-5270/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-5271 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-5271/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-5272 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-5272/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-5273 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-5273/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-5274 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-5274/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-5275 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-5275/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-5276 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-5276/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-5277 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-5277/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-5278 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-5278/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-5279 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-5279/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-5280 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-5280/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-5281 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-5281/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-5282 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-5282/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-5283 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-5283/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-5284 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-5284/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-5287 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-5287/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-5288 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-5288/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-5289 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-5289/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-5290 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-5290/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-5291 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-5291/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-5292 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-5292/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-5293 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-5293/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-5294 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-5294/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-5295 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-5295/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-5296 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-5296/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-5297 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-5297/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-5298 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-5298/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-5299 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-5299/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-6354 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-6354/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-9061 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-9061/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-9062 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-9062/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-9063 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-9063/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-9064 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-9064/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-9065 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-9065/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-9066 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-9066/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-9067 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-9067/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-9068 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-9068/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-9069 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-9069/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-9070 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-9070/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-9071 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-9071/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-9072 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-9072/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-9073 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-9073/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-9074 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-9074/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-9075 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-9075/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-9076 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-9076/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-9077 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-9077/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-9078 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-9078/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-9079 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-9079/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-9080 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-9080/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-9893 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-9893/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-9894 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-9894/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-9895 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-9895/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-9896 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-9896/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-9897 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-9897/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-9898 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-9898/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-9899 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-9899/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-9900 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-9900/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-9901 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-9901/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-9902 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-9902/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-9903 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-9903/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-9904 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-9904/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-16541 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-16541/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5373 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5373/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5374 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5374/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5375 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5375/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5376 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5376/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5377 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5377/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5378 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5378/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5379 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5379/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5380 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5380/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5381 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5381/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5382 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5382/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5383 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5383/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5384 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5384/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5385 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5385/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5386 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5386/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5387 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5387/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5388 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5388/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5389 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5389/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5390 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5390/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5391 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5391/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5392 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5392/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5393 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5393/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5394 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5394/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5395 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5395/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5396 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5396/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5398 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5398/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5399 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5399/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5400 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5400/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5401 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5401/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5402 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5402/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5403 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5403/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5404 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5404/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5405 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5405/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5406 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5406/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5407 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5407/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5408 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5408/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5410 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5410/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5412 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5412/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5413 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5413/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5414 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5414/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5415 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5415/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5416 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5416/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5417 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5417/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5418 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5418/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5419 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5419/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5420 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5420/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5421 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5421/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5422 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5422/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5426 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5426/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5427 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5427/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5428 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5428/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5429 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5429/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5430 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5430/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5432 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5432/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5433 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5433/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5434 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5434/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5435 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5435/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5436 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5436/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5437 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5437/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5438 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5438/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5439 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5439/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5440 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5440/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5441 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5441/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5442 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5442/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5443 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5443/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5444 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5444/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5445 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5445/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5446 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5446/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5447 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5447/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5448 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5448/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5449 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5449/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5451 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5451/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5453 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5453/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5454 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5454/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5455 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5455/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5456 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5456/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5458 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5458/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5459 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5459/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5460 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5460/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5461 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5461/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5462 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5462/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5464 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5464/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5465 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5465/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5466 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5466/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5467 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5467/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5468 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5468/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5469 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5469/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7753 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7753/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7779 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7779/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7780 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7780/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7781 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7781/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7782 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7782/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7783 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7783/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7784 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7784/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7785 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7785/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7786 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7786/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7787 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7787/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7788 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7788/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7789 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7789/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7790 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7790/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7791 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7791/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7792 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7792/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7793 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7793/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7794 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7794/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7796 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7796/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7797 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7797/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7798 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7798/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7799 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7799/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7800 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7800/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7801 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7801/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7802 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7802/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7803 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7803/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7804 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7804/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7805 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7805/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7806 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7806/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7807 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7807/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7808 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7808/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7809 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7809/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7810 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7810/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7811 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7811/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7812 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7812/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7813 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7813/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7814 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7814/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7815 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7815/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7816 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7816/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7817 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7817/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7818 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7818/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7819 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7819/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7820 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7820/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7821 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7821/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7822 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7822/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7823 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7823/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7824 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7824/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7825 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7825/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7826 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7826/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7827 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7827/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7828 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7828/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7830 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7830/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7831 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7831/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7832 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7832/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7833 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7833/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7834 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7834/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7835 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7835/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7836 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7836/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7837 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7837/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7838 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7838/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7839 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7839/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7840 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7840/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7842 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7842/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7843 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7843/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7844 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7844/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12358 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12358/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12359 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12359/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12360 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12360/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12361 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12361/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12362 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12362/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12363 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12363/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12364 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12364/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12365 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12365/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12366 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12366/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12367 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12367/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12369 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12369/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12370 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12370/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12371 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12371/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12375 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12375/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12376 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12376/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12377 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12377/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12378 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12378/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12379 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12379/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12381 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12381/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12382 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12382/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12383 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12383/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12385 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12385/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12386 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12386/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12387 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12387/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12388 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12388/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12390 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12390/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12391 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12391/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12392 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12392/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12393 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12393/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12395 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12395/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12396 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12396/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12397 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12397/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12398 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12398/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12399 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12399/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12400 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12400/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12401 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12401/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12402 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12402/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12403 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12403/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12405 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12405/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12406 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12406/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12407 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12407/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-17466 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-17466/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-18356 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-18356/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-18492 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-18492/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-18493 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-18493/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-18494 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-18494/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-18495 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-18495/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-18496 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-18496/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-18497 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-18497/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-18498 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-18498/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-18500 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-18500/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-18501 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-18501/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-18502 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-18502/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-18503 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-18503/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-18504 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-18504/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-18505 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-18505/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-18506 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-18506/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-18511 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-18511/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5089 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5089/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5090 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5090/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5091 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5091/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5092 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5092/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5093 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5093/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5094 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5094/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5095 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5095/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5097 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5097/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5098 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5098/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5099 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5099/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5100 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5100/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5101 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5101/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5102 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5102/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5103 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5103/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5104 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5104/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5105 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5105/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5106 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5106/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5107 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5107/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5108 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5108/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5109 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5109/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5110 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5110/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5111 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5111/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5112 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5112/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5113 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5113/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5114 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5114/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5115 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5115/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5116 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5116/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5117 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5117/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5118 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5118/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5119 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5119/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5121 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5121/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5122 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5122/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5125 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5125/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5126 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5126/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5127 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5127/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5128 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5128/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5129 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5129/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5130 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5130/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5131 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5131/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5132 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5132/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5133 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5133/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5134 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5134/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5135 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5135/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5136 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5136/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5137 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5137/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5138 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5138/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5140 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5140/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5141 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5141/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5142 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5142/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5143 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5143/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5146 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5146/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5147 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5147/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5148 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5148/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5150 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5150/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5151 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5151/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5152 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5152/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5153 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5153/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5154 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5154/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5155 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5155/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5156 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5156/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5157 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5157/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5158 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5158/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5159 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5159/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5160 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5160/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5163 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5163/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5164 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5164/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5165 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5165/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5166 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5166/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5167 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5167/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5168 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5168/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5169 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5169/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5172 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5172/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5173 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5173/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5174 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5174/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5175 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5175/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5176 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5176/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5177 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5177/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5180 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5180/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5181 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5181/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5182 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5182/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5186 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5186/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5187 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5187/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5188 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5188/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-6126 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-6126/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-6156 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-6156/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11691 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11691/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11692 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11692/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11693 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11693/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11694 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11694/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11695 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11695/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11696 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11696/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11697 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11697/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11698 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11698/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11699 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11699/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11700 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11700/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11701 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11701/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11707 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11707/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11708 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11708/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11709 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11709/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11710 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11710/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11711 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11711/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11712 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11712/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11713 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11713/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11714 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11714/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11715 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11715/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11716 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11716/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11717 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11717/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11718 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11718/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11719 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11719/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11720 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11720/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11721 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11721/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11723 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11723/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11724 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11724/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11725 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11725/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11727 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11727/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11728 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11728/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11729 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11729/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11730 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11730/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11733 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11733/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11734 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11734/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11735 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11735/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11736 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11736/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11737 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11737/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11738 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11738/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11740 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11740/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11741 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11741/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11742 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11742/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11743 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11743/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11744 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11744/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11746 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11746/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11747 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11747/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11748 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11748/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11749 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11749/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11750 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11750/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11751 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11751/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11752 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11752/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11753 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11753/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11754 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11754/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11756 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11756/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11757 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11757/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11759 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11759/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11760 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11760/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11761 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11761/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11762 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11762/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11763 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11763/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11764 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11764/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11765 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11765/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-13722 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-13722/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-15903 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-15903/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-17000 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-17000/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-17001 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-17001/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-17002 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-17002/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-17005 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-17005/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-17008 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-17008/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-17010 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-17010/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-17011 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-17011/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-17012 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-17012/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-17013 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-17013/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-17014 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-17014/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-17016 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-17016/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-17017 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-17017/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-17020 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-17020/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-17022 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-17022/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-17023 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-17023/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-17024 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-17024/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-17025 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-17025/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-17026 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-17026/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-20503 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-20503/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-5785 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-5785/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-5849 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-5849/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-7317 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-7317/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-9788 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-9788/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-9789 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-9789/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-9790 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-9790/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-9791 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-9791/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-9792 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-9792/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-9793 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-9793/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-9794 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-9794/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-9795 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-9795/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-9796 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-9796/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-9797 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-9797/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-9798 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-9798/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-9799 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-9799/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-9800 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-9800/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-9801 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-9801/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-9802 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-9802/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-9803 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-9803/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-9804 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-9804/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-9805 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-9805/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-9806 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-9806/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-9807 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-9807/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-9808 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-9808/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-9809 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-9809/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-9810 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-9810/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-9811 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-9811/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-9812 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-9812/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-9813 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-9813/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-9814 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-9814/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-9815 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-9815/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-9816 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-9816/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-9817 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-9817/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-9818 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-9818/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-9819 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-9819/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-9820 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-9820/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-9821 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-9821/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-12387 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-12387/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-12388 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-12388/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-12389 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-12389/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-12390 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-12390/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-12391 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-12391/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-12392 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-12392/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-12393 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-12393/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-12394 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-12394/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-12395 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-12395/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-12396 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-12396/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-12399 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-12399/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-12400 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-12400/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-12401 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-12401/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-12402 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-12402/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-12405 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-12405/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-12406 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-12406/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-12407 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-12407/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-12408 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-12408/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-12409 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-12409/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-12411 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-12411/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-12415 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-12415/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-12416 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-12416/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-12417 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-12417/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-12418 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-12418/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-12419 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-12419/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-12420 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-12420/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-12421 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-12421/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-12422 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-12422/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-12423 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-12423/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-12424 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-12424/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-12425 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-12425/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-12426 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-12426/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-15254 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-15254/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-15652 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-15652/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-15653 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-15653/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-15654 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-15654/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-15655 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-15655/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-15656 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-15656/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-15657 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-15657/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-15658 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-15658/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-15659 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-15659/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-15663 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-15663/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-15664 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-15664/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-15665 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-15665/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-15666 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-15666/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-15667 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-15667/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-15668 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-15668/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-15670 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-15670/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-15673 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-15673/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-15674 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-15674/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-15675 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-15675/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-15676 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-15676/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-15677 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-15677/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-15678 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-15678/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-15680 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-15680/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-15681 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-15681/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-15682 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-15682/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-15683 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-15683/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-15684 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-15684/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-15969 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-15969/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-15999 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-15999/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-16012 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-16012/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-16042 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-16042/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-16044 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-16044/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-26950 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-26950/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-26951 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-26951/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-26952 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-26952/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-26953 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-26953/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-26954 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-26954/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-26955 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-26955/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-26956 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-26956/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-26957 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-26957/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-26958 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-26958/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-26959 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-26959/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-26960 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-26960/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-26961 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-26961/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-26962 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-26962/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-26963 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-26963/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-26964 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-26964/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-26965 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-26965/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-26966 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-26966/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-26967 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-26967/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-26968 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-26968/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-26969 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-26969/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-26971 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-26971/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-26972 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-26972/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-26973 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-26973/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-26974 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-26974/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-26975 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-26975/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-26976 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-26976/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-26977 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-26977/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-26978 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-26978/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-26979 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-26979/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-35111 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-35111/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-35112 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-35112/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-35113 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-35113/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-35114 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-35114/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-6463 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-6463/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-6514 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-6514/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-6796 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-6796/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-6797 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-6797/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-6798 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-6798/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-6799 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-6799/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-6800 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-6800/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-6801 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-6801/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-6805 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-6805/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-6806 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-6806/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-6807 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-6807/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-6808 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-6808/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-6809 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-6809/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-6810 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-6810/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-6811 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-6811/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-6812 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-6812/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-6813 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-6813/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-6814 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-6814/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-6815 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-6815/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-6819 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-6819/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-6820 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-6820/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-6821 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-6821/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-6822 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-6822/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-6823 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-6823/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-6824 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-6824/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-6825 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-6825/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-6826 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-6826/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-6829 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-6829/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-6831 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-6831/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-23953 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-23953/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-23954 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-23954/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-23955 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-23955/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-23956 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-23956/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-23957 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-23957/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-23958 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-23958/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-23959 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-23959/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-23960 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-23960/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-23961 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-23961/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-23962 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-23962/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-23963 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-23963/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-23964 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-23964/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-23965 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-23965/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-23968 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-23968/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-23969 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-23969/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-23970 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-23970/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-23971 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-23971/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-23972 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-23972/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-23973 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-23973/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-23974 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-23974/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-23975 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-23975/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-23976 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-23976/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-23977 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-23977/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-23978 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-23978/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-23979 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-23979/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-23981 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-23981/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-23982 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-23982/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-23983 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-23983/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-23984 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-23984/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-23985 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-23985/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-23986 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-23986/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-23987 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-23987/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-23988 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-23988/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-23994 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-23994/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-23995 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-23995/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-23996 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-23996/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-23997 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-23997/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-23998 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-23998/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-23999 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-23999/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-24000 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-24000/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-24001 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-24001/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-24002 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-24002/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-29944 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-29944/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-29945 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-29945/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-29946 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-29946/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-29947 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-29947/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-29952 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-29952/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-29959 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-29959/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-29960 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-29960/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-29961 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-29961/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-29962 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-29962/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-29963 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-29963/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-29964 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-29964/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-29965 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-29965/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-29966 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-29966/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-29967 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-29967/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-29970 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-29970/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-29971 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-29971/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-29972 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-29972/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-29973 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-29973/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-29974 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-29974/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-29975 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-29975/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-29976 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-29976/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-29977 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-29977/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-29980 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-29980/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-29981 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-29981/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-29982 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-29982/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-29983 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-29983/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-29984 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-29984/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-29985 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-29985/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-29986 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-29986/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-29987 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-29987/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-29988 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-29988/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-29989 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-29989/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-29990 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-29990/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-29991 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-29991/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-29993 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-29993/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-30547 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-30547/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-32810 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-32810/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-38491 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-38491/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-38492 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-38492/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-38493 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-38493/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-38494 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-38494/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-38496 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-38496/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-38497 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-38497/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-38498 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-38498/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-38499 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-38499/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-38500 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-38500/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-38501 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-38501/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-38503 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-38503/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-38504 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-38504/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-38505 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-38505/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-38506 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-38506/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-38507 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-38507/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-38508 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-38508/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-38509 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-38509/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-38510 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-38510/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-4140 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-4140/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-43536 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-43536/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-43537 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-43537/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-43538 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-43538/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-43539 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-43539/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-43540 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-43540/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-43541 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-43541/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-43542 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-43542/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-43543 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-43543/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-43544 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-43544/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-43545 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-43545/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-43546 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-43546/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0511 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0511/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0843 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0843/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-1097 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-1097/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-1529 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-1529/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-1802 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-1802/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-1919 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-1919/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-2200 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-2200/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-22736 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-22736/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-22737 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-22737/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-22738 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-22738/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-22739 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-22739/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-22740 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-22740/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-22741 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-22741/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-22742 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-22742/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-22743 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-22743/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-22744 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-22744/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-22745 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-22745/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-22746 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-22746/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-22747 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-22747/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-22748 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-22748/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-22749 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-22749/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-22750 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-22750/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-22751 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-22751/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-22752 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-22752/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-22753 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-22753/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-22754 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-22754/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-22755 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-22755/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-22756 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-22756/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-22757 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-22757/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-22758 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-22758/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-22759 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-22759/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-22760 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-22760/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-22761 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-22761/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-22762 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-22762/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-22764 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-22764/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-24713 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-24713/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-2505 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-2505/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-26381 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-26381/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-26382 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-26382/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-26383 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-26383/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-26384 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-26384/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-26385 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-26385/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-26387 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-26387/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-28281 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-28281/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-28282 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-28282/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-28283 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-28283/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-28284 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-28284/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-28285 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-28285/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-28286 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-28286/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-28287 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-28287/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-28288 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-28288/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-28289 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-28289/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-29909 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-29909/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-29910 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-29910/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-29911 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-29911/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-29912 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-29912/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-29914 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-29914/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-29915 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-29915/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-29916 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-29916/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-29917 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-29917/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-29918 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-29918/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-31736 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-31736/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-31737 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-31737/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-31738 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-31738/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-31739 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-31739/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-31740 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-31740/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-31741 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-31741/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-31742 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-31742/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-31743 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-31743/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-31744 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-31744/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-31745 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-31745/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-31747 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-31747/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-31748 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-31748/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-34468 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-34468/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-34469 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-34469/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-34470 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-34470/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-34471 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-34471/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-34472 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-34472/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-34473 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-34473/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-34474 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-34474/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-34475 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-34475/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-34476 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-34476/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-34477 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-34477/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-34478 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-34478/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-34479 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-34479/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-34480 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-34480/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-34481 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-34481/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-34482 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-34482/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-34483 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-34483/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-34484 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-34484/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-34485 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-34485/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-36314 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-36314/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-36315 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-36315/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-36316 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-36316/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-36317 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-36317/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-36318 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-36318/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-36319 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-36319/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-36320 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-36320/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-38472 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-38472/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-38473 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-38473/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-38474 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-38474/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-38475 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-38475/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-38477 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-38477/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-38478 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-38478/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-40674 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-40674/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-40956 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-40956/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-40957 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-40957/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-40958 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-40958/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-40959 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-40959/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-40960 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-40960/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-40961 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-40961/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-40962 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-40962/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-42927 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-42927/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-42928 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-42928/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-42929 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-42929/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-42930 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-42930/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-42931 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-42931/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-42932 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-42932/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-45403 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-45403/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-45404 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-45404/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-45405 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-45405/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-45406 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-45406/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-45407 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-45407/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-45408 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-45408/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-45409 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-45409/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-45410 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-45410/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-45411 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-45411/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-45412 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-45412/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-45413 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-45413/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-45415 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-45415/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-45416 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-45416/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-45417 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-45417/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-45418 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-45418/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-45419 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-45419/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-45420 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-45420/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-45421 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-45421/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-46871 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-46871/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-46872 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-46872/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-46873 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-46873/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-46874 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-46874/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-46875 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-46875/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-46877 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-46877/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-46878 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-46878/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-46879 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-46879/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-0767 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-0767/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-23597 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-23597/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-23598 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-23598/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-23599 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-23599/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-23600 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-23600/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-23601 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-23601/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-23602 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-23602/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-23603 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-23603/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-23604 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-23604/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-23605 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-23605/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-23606 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-23606/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-25728 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-25728/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-25729 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-25729/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-25730 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-25730/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-25731 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-25731/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-25732 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-25732/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-25733 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-25733/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-25734 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-25734/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-25735 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-25735/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-25736 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-25736/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-25737 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-25737/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-25738 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-25738/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-25739 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-25739/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-25740 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-25740/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-25741 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-25741/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-25742 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-25742/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-25743 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-25743/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-25744 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-25744/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-25745 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-25745/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-25748 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-25748/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-25749 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-25749/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-25750 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-25750/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-25751 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-25751/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-25752 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-25752/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-28159 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-28159/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-28160 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-28160/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-28161 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-28161/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-28162 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-28162/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-28163 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-28163/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-28164 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-28164/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-28176 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-28176/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-28177 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-28177/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-29531 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-29531/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-29532 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-29532/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-29533 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-29533/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-29534 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-29534/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-29535 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-29535/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-29536 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-29536/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-29537 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-29537/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-29538 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-29538/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-29539 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-29539/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-29540 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-29540/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-29541 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-29541/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-29542 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-29542/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-29543 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-29543/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-29544 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-29544/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-29545 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-29545/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-29546 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-29546/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-29547 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-29547/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-29548 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-29548/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-29549 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-29549/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-29550 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-29550/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-29551 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-29551/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-32205 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-32205/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-32206 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-32206/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-32207 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-32207/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-32208 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-32208/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-32209 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-32209/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-32210 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-32210/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-32211 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-32211/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-32212 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-32212/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-32213 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-32213/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-32214 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-32214/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-32215 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-32215/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-32216 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-32216/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-34414 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-34414/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-34415 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-34415/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-34416 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-34416/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-34417 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-34417/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-3482 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-3482/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-3600 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-3600/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-37201 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-37201/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-37202 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-37202/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-37203 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-37203/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-37204 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-37204/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-37205 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-37205/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-37206 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-37206/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-37207 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-37207/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-37208 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-37208/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-37209 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-37209/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-37210 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-37210/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-37211 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-37211/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-37212 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-37212/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-4045 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-4045/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-4046 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-4046/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-4047 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-4047/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-4048 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-4048/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-4049 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-4049/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-4050 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-4050/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-4051 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-4051/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-4052 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-4052/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-4053 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-4053/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-4054 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-4054/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-4055 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-4055/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-4056 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-4056/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-4057 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-4057/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-4058 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-4058/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-4573 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-4573/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-4574 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-4574/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-4575 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-4575/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-4576 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-4576/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-4577 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-4577/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-4578 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-4578/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-4579 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-4579/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-4580 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-4580/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-4581 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-4581/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-4582 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-4582/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-4583 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-4583/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-4584 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-4584/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-4585 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-4585/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-4863 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-4863/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-5168 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-5168/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-5169 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-5169/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-5170 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-5170/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-5171 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-5171/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-5172 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-5172/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-5173 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-5173/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-5174 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-5174/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-5175 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-5175/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-5176 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-5176/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-5217 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-5217/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-5388 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-5388/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-5721 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-5721/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-5722 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-5722/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-5723 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-5723/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-5724 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-5724/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-5725 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-5725/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-5726 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-5726/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-5727 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-5727/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-5728 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-5728/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-5729 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-5729/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-5730 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-5730/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-5731 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-5731/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-6135 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-6135/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-6204 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-6204/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-6205 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-6205/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-6206 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-6206/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-6207 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-6207/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-6208 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-6208/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-6209 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-6209/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-6210 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-6210/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-6211 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-6211/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-6212 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-6212/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-6213 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-6213/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-6856 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-6856/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-6857 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-6857/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-6858 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-6858/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-6859 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-6859/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-6860 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-6860/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-6861 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-6861/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-6863 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-6863/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-6864 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-6864/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-6865 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-6865/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-6866 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-6866/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-6867 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-6867/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-6868 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-6868/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-6869 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-6869/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-6870 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-6870/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-6871 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-6871/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-6872 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-6872/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-6873 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-6873/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-0741 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-0741/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-0742 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-0742/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-0743 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-0743/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-0744 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-0744/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-0745 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-0745/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-0746 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-0746/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-0747 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-0747/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-0748 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-0748/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-0749 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-0749/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-0750 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-0750/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-0751 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-0751/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-0752 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-0752/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-0753 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-0753/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-0754 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-0754/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-0755 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-0755/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-10458 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-10458/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-10459 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-10459/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-10460 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-10460/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-10461 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-10461/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-10462 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-10462/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-10463 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-10463/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-10464 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-10464/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-10465 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-10465/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-10466 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-10466/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-10467 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-10467/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-11691 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-11691/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-11692 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-11692/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-11693 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-11693/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-11694 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-11694/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-11695 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-11695/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-11696 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-11696/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-11697 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-11697/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-11698 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-11698/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-11699 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-11699/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-1546 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-1546/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-1547 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-1547/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-1548 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-1548/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-1549 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-1549/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-1550 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-1550/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-1551 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-1551/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-1552 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-1552/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-1553 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-1553/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-1554 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-1554/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-1555 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-1555/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-1556 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-1556/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-1557 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-1557/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-2605 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-2605/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-2606 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-2606/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-2607 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-2607/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-2608 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-2608/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-2609 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-2609/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-2610 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-2610/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-2611 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-2611/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-2612 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-2612/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-2613 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-2613/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-2614 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-2614/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-2615 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-2615/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-29943 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-29943/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-29944 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-29944/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-3302 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-3302/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-3852 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-3852/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-3853 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-3853/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-3854 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-3854/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-3855 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-3855/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-3856 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-3856/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-3857 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-3857/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-3858 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-3858/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-3859 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-3859/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-3860 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-3860/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-3861 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-3861/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-3862 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-3862/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-3863 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-3863/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-3864 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-3864/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-3865 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-3865/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-4367 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-4367/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-4764 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-4764/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-4765 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-4765/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-4766 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-4766/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-4767 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-4767/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-4768 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-4768/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-4769 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-4769/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-4770 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-4770/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-4771 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-4771/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-4772 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-4772/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-4773 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-4773/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-4774 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-4774/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-4775 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-4775/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-4776 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-4776/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-4777 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-4777/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-4778 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-4778/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-5687 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-5687/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-5688 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-5688/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-5689 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-5689/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-5690 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-5690/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-5691 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-5691/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-5692 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-5692/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-5693 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-5693/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-5694 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-5694/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-5695 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-5695/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-5696 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-5696/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-5697 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-5697/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-5698 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-5698/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-5699 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-5699/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-5700 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-5700/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-5701 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-5701/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-6600 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-6600/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-6601 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-6601/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-6602 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-6602/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-6603 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-6603/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-6604 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-6604/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-6605 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-6605/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-6606 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-6606/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-6607 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-6607/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-6608 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-6608/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-6609 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-6609/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-6610 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-6610/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-6611 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-6611/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-6612 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-6612/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-6613 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-6613/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-6614 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-6614/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-6615 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-6615/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-7518 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-7518/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-7519 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-7519/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-7520 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-7520/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-7521 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-7521/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-7522 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-7522/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-7524 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-7524/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-7525 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-7525/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-7526 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-7526/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-7527 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-7527/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-7528 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-7528/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-7529 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-7529/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-7531 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-7531/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-8381 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-8381/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-8382 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-8382/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-8383 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-8383/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-8384 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-8384/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-8385 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-8385/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-8386 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-8386/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-8387 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-8387/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-8900 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-8900/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-9392 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-9392/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-9393 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-9393/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-9394 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-9394/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-9396 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-9396/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-9397 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-9397/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-9398 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-9398/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-9399 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-9399/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-9400 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-9400/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-9401 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-9401/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-9402 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-9402/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-9680 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-9680/"
      }
    ],
    "title": "firefox-esr-128.5.1-1.1 on GA media",
    "tracking": {
      "current_release_date": "2024-12-12T00:00:00Z",
      "generator": {
        "date": "2024-12-12T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2024:14572-1",
      "initial_release_date": "2024-12-12T00:00:00Z",
      "revision_history": [
        {
          "date": "2024-12-12T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "firefox-esr-128.5.1-1.1.aarch64",
                "product": {
                  "name": "firefox-esr-128.5.1-1.1.aarch64",
                  "product_id": "firefox-esr-128.5.1-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
                "product": {
                  "name": "firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
                  "product_id": "firefox-esr-branding-upstream-128.5.1-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "firefox-esr-translations-common-128.5.1-1.1.aarch64",
                "product": {
                  "name": "firefox-esr-translations-common-128.5.1-1.1.aarch64",
                  "product_id": "firefox-esr-translations-common-128.5.1-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "firefox-esr-translations-other-128.5.1-1.1.aarch64",
                "product": {
                  "name": "firefox-esr-translations-other-128.5.1-1.1.aarch64",
                  "product_id": "firefox-esr-translations-other-128.5.1-1.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "firefox-esr-128.5.1-1.1.ppc64le",
                "product": {
                  "name": "firefox-esr-128.5.1-1.1.ppc64le",
                  "product_id": "firefox-esr-128.5.1-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
                "product": {
                  "name": "firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
                  "product_id": "firefox-esr-branding-upstream-128.5.1-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "firefox-esr-translations-common-128.5.1-1.1.ppc64le",
                "product": {
                  "name": "firefox-esr-translations-common-128.5.1-1.1.ppc64le",
                  "product_id": "firefox-esr-translations-common-128.5.1-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "firefox-esr-translations-other-128.5.1-1.1.ppc64le",
                "product": {
                  "name": "firefox-esr-translations-other-128.5.1-1.1.ppc64le",
                  "product_id": "firefox-esr-translations-other-128.5.1-1.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "firefox-esr-128.5.1-1.1.s390x",
                "product": {
                  "name": "firefox-esr-128.5.1-1.1.s390x",
                  "product_id": "firefox-esr-128.5.1-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "firefox-esr-branding-upstream-128.5.1-1.1.s390x",
                "product": {
                  "name": "firefox-esr-branding-upstream-128.5.1-1.1.s390x",
                  "product_id": "firefox-esr-branding-upstream-128.5.1-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "firefox-esr-translations-common-128.5.1-1.1.s390x",
                "product": {
                  "name": "firefox-esr-translations-common-128.5.1-1.1.s390x",
                  "product_id": "firefox-esr-translations-common-128.5.1-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "firefox-esr-translations-other-128.5.1-1.1.s390x",
                "product": {
                  "name": "firefox-esr-translations-other-128.5.1-1.1.s390x",
                  "product_id": "firefox-esr-translations-other-128.5.1-1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "firefox-esr-128.5.1-1.1.x86_64",
                "product": {
                  "name": "firefox-esr-128.5.1-1.1.x86_64",
                  "product_id": "firefox-esr-128.5.1-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
                "product": {
                  "name": "firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
                  "product_id": "firefox-esr-branding-upstream-128.5.1-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "firefox-esr-translations-common-128.5.1-1.1.x86_64",
                "product": {
                  "name": "firefox-esr-translations-common-128.5.1-1.1.x86_64",
                  "product_id": "firefox-esr-translations-common-128.5.1-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "firefox-esr-translations-other-128.5.1-1.1.x86_64",
                "product": {
                  "name": "firefox-esr-translations-other-128.5.1-1.1.x86_64",
                  "product_id": "firefox-esr-translations-other-128.5.1-1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-esr-128.5.1-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64"
        },
        "product_reference": "firefox-esr-128.5.1-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-esr-128.5.1-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le"
        },
        "product_reference": "firefox-esr-128.5.1-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-esr-128.5.1-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x"
        },
        "product_reference": "firefox-esr-128.5.1-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-esr-128.5.1-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64"
        },
        "product_reference": "firefox-esr-128.5.1-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-esr-branding-upstream-128.5.1-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64"
        },
        "product_reference": "firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-esr-branding-upstream-128.5.1-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le"
        },
        "product_reference": "firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-esr-branding-upstream-128.5.1-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x"
        },
        "product_reference": "firefox-esr-branding-upstream-128.5.1-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-esr-branding-upstream-128.5.1-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64"
        },
        "product_reference": "firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-esr-translations-common-128.5.1-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64"
        },
        "product_reference": "firefox-esr-translations-common-128.5.1-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-esr-translations-common-128.5.1-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le"
        },
        "product_reference": "firefox-esr-translations-common-128.5.1-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-esr-translations-common-128.5.1-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x"
        },
        "product_reference": "firefox-esr-translations-common-128.5.1-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-esr-translations-common-128.5.1-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64"
        },
        "product_reference": "firefox-esr-translations-common-128.5.1-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-esr-translations-other-128.5.1-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64"
        },
        "product_reference": "firefox-esr-translations-other-128.5.1-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-esr-translations-other-128.5.1-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le"
        },
        "product_reference": "firefox-esr-translations-other-128.5.1-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-esr-translations-other-128.5.1-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x"
        },
        "product_reference": "firefox-esr-translations-other-128.5.1-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-esr-translations-other-128.5.1-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        },
        "product_reference": "firefox-esr-translations-other-128.5.1-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2006-6077",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2006-6077"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The (1) Password Manager in Mozilla Firefox 2.0, and 1.5.0.8 and earlier; and the (2) Passcard Manager in Netscape 8.1.2 and possibly other versions, do not properly verify that an ACTION URL in a FORM element containing a password INPUT element matches the web site for which the user stored a password, which allows remote attackers to obtain passwords via a password INPUT element on a different web page located on the web site intended for this password.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2006-6077",
          "url": "https://www.suse.com/security/cve/CVE-2006-6077"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 244923 for CVE-2006-6077",
          "url": "https://bugzilla.suse.com/244923"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 550618 for CVE-2006-6077",
          "url": "https://bugzilla.suse.com/550618"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2006-6077"
    },
    {
      "cve": "CVE-2007-0008",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2007-0008"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Integer underflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, SeaMonkey before 1.0.8, Thunderbird before 1.5.0.10, and certain Sun Java System server products before 20070611, allows remote attackers to execute arbitrary code via a crafted SSLv2 server message containing a public key that is too short to encrypt the \"Master Secret\", which results in a heap-based overflow.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2007-0008",
          "url": "https://www.suse.com/security/cve/CVE-2007-0008"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 244923 for CVE-2007-0008",
          "url": "https://bugzilla.suse.com/244923"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2007-0008"
    },
    {
      "cve": "CVE-2007-0009",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2007-0009"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Stack-based buffer overflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, SeaMonkey before 1.0.8, and certain Sun Java System server products before 20070611, allows remote attackers to execute arbitrary code via invalid \"Client Master Key\" length values.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2007-0009",
          "url": "https://www.suse.com/security/cve/CVE-2007-0009"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 244923 for CVE-2007-0009",
          "url": "https://bugzilla.suse.com/244923"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2007-0009"
    },
    {
      "cve": "CVE-2007-0078",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2007-0078"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "BattleBlog stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for database/blankmaster.mdb.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2007-0078",
          "url": "https://www.suse.com/security/cve/CVE-2007-0078"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 244923 for CVE-2007-0078",
          "url": "https://bugzilla.suse.com/244923"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2007-0078"
    },
    {
      "cve": "CVE-2007-0079",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2007-0079"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "rblog stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for (1) data/admin.mdb or (2) data/rblog.mdb.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2007-0079",
          "url": "https://www.suse.com/security/cve/CVE-2007-0079"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 244923 for CVE-2007-0079",
          "url": "https://bugzilla.suse.com/244923"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2007-0079"
    },
    {
      "cve": "CVE-2007-0775",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2007-0775"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allow remote attackers to cause a denial of service (crash) and potentially execute arbitrary code via certain vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2007-0775",
          "url": "https://www.suse.com/security/cve/CVE-2007-0775"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 244923 for CVE-2007-0775",
          "url": "https://bugzilla.suse.com/244923"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2007-0775"
    },
    {
      "cve": "CVE-2007-0776",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2007-0776"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap-based buffer overflow in the _cairo_pen_init function in Mozilla Firefox 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to execute arbitrary code via a large stroke-width attribute in the clipPath element in an SVG file.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2007-0776",
          "url": "https://www.suse.com/security/cve/CVE-2007-0776"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 244923 for CVE-2007-0776",
          "url": "https://bugzilla.suse.com/244923"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2007-0776"
    },
    {
      "cve": "CVE-2007-0777",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2007-0777"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The JavaScript engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain vectors that trigger memory corruption.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2007-0777",
          "url": "https://www.suse.com/security/cve/CVE-2007-0777"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 244923 for CVE-2007-0777",
          "url": "https://bugzilla.suse.com/244923"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2007-0777"
    },
    {
      "cve": "CVE-2007-0780",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2007-0780"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 uses the requesting URI to identify child windows, which allows remote attackers to conduct cross-site scripting (XSS) attacks by opening a blocked popup originating from a javascript: URI in combination with multiple frames having the same data: URI.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2007-0780",
          "url": "https://www.suse.com/security/cve/CVE-2007-0780"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 244923 for CVE-2007-0780",
          "url": "https://bugzilla.suse.com/244923"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2007-0780"
    },
    {
      "cve": "CVE-2007-0800",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2007-0800"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Cross-zone vulnerability in Mozilla Firefox 1.5.0.9 considers blocked popups to have an internal zone origin, which allows user-assisted remote attackers to cross zone restrictions and read arbitrary file:// URIs by convincing a user to show a blocked popup.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2007-0800",
          "url": "https://www.suse.com/security/cve/CVE-2007-0800"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 244923 for CVE-2007-0800",
          "url": "https://bugzilla.suse.com/244923"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2007-0800"
    },
    {
      "cve": "CVE-2007-0981",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2007-0981"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8, allow remote attackers to bypass the same origin policy, steal cookies, and conduct other attacks by writing a URI with a null byte to the hostname (location.hostname) DOM property, due to interactions with DNS resolver code.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2007-0981",
          "url": "https://www.suse.com/security/cve/CVE-2007-0981"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 244923 for CVE-2007-0981",
          "url": "https://bugzilla.suse.com/244923"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2007-0981"
    },
    {
      "cve": "CVE-2007-0995",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2007-0995"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 ignores trailing invalid HTML characters in attribute names, which allows remote attackers to bypass content filters that use regular expressions.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2007-0995",
          "url": "https://www.suse.com/security/cve/CVE-2007-0995"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 244923 for CVE-2007-0995",
          "url": "https://bugzilla.suse.com/244923"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2007-0995"
    },
    {
      "cve": "CVE-2007-0996",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2007-0996"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The child frames in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 inherit the default charset from the parent window, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated using the UTF-7 character set.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2007-0996",
          "url": "https://www.suse.com/security/cve/CVE-2007-0996"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 244923 for CVE-2007-0996",
          "url": "https://bugzilla.suse.com/244923"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2007-0996"
    },
    {
      "cve": "CVE-2007-3089",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2007-3089"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 2.0.0.5 does not prevent use of document.write to replace an IFRAME (1) during the load stage or (2) in the case of an about:blank frame, which allows remote attackers to display arbitrary HTML or execute certain JavaScript code, as demonstrated by code that intercepts keystroke values from window.event, aka the \"promiscuous IFRAME access bug,\" a related issue to CVE-2006-4568.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2007-3089",
          "url": "https://www.suse.com/security/cve/CVE-2007-3089"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 288115 for CVE-2007-3089",
          "url": "https://bugzilla.suse.com/288115"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2007-3089"
    },
    {
      "cve": "CVE-2007-3285",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2007-3285"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 2.0.0.5, when run on Windows, allows remote attackers to bypass file type checks and possibly execute programs via a (1) file:/// or (2) resource: URI with a dangerous extension, followed by a NULL byte (%00) and a safer extension, which causes Firefox to treat the requested file differently than Windows would.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2007-3285",
          "url": "https://www.suse.com/security/cve/CVE-2007-3285"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 288115 for CVE-2007-3285",
          "url": "https://bugzilla.suse.com/288115"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2007-3285"
    },
    {
      "cve": "CVE-2007-3656",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2007-3656"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 1.8.0.13 and 1.8.1.x before 1.8.1.5 does not perform a security zone check when processing a wyciwyg URI, which allows remote attackers to obtain sensitive information, poison the browser cache, and possibly enable further attack vectors via (1) HTTP 302 redirect controls, (2) XMLHttpRequest, or (3) view-source URIs.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2007-3656",
          "url": "https://www.suse.com/security/cve/CVE-2007-3656"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 288115 for CVE-2007-3656",
          "url": "https://bugzilla.suse.com/288115"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2007-3656"
    },
    {
      "cve": "CVE-2007-3670",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2007-3670"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Argument injection vulnerability in Microsoft Internet Explorer, when running on systems with Firefox installed and certain URIs registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in a (1) FirefoxURL or (2) FirefoxHTML URI, which are inserted into the command line that is created when invoking firefox.exe.  NOTE: it has been debated as to whether the issue is in Internet Explorer or Firefox. As of 20070711, it is CVE\u0027s opinion that IE appears to be failing to properly delimit the URL argument when invoking Firefox, and this issue could arise with other protocol handlers in IE as well. However, Mozilla has stated that it will address the issue with a \"defense in depth\" fix that will \"prevent IE from sending Firefox malicious data.\"",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2007-3670",
          "url": "https://www.suse.com/security/cve/CVE-2007-3670"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 288115 for CVE-2007-3670",
          "url": "https://bugzilla.suse.com/288115"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2007-3670"
    },
    {
      "cve": "CVE-2007-3734",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2007-3734"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 2.0.0.5 and Thunderbird before 2.0.0.5 allow remote attackers to cause a denial of service (crash) via unspecified vectors that trigger memory corruption.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2007-3734",
          "url": "https://www.suse.com/security/cve/CVE-2007-3734"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 288115 for CVE-2007-3734",
          "url": "https://bugzilla.suse.com/288115"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2007-3734"
    },
    {
      "cve": "CVE-2007-3735",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2007-3735"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 2.0.0.5 and Thunderbird before 2.0.0.5 allow remote attackers to cause a denial of service (crash) via unspecified vectors that trigger memory corruption.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2007-3735",
          "url": "https://www.suse.com/security/cve/CVE-2007-3735"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 288115 for CVE-2007-3735",
          "url": "https://bugzilla.suse.com/288115"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2007-3735"
    },
    {
      "cve": "CVE-2007-3736",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2007-3736"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 2.0.0.5 allows remote attackers to inject arbitrary web script \"into another site\u0027s context\" via a \"timing issue\" involving the (1) addEventListener or (2) setTimeout function, probably by setting events that activate after the context has changed.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2007-3736",
          "url": "https://www.suse.com/security/cve/CVE-2007-3736"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 288115 for CVE-2007-3736",
          "url": "https://bugzilla.suse.com/288115"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2007-3736"
    },
    {
      "cve": "CVE-2007-3737",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2007-3737"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 2.0.0.5 allows remote attackers to execute arbitrary code with chrome privileges by calling an event handler from an unspecified \"element outside of a document.\"",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2007-3737",
          "url": "https://www.suse.com/security/cve/CVE-2007-3737"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 288115 for CVE-2007-3737",
          "url": "https://bugzilla.suse.com/288115"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2007-3737"
    },
    {
      "cve": "CVE-2007-3738",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2007-3738"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.5 allow remote attackers to execute arbitrary code via a crafted XPCNativeWrapper.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2007-3738",
          "url": "https://www.suse.com/security/cve/CVE-2007-3738"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 288115 for CVE-2007-3738",
          "url": "https://bugzilla.suse.com/288115"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2007-3738"
    },
    {
      "cve": "CVE-2008-0412",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2008-0412"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The browser engine in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via vectors related to the (1) nsTableFrame::GetFrameAtOrBefore, (2) nsAccessibilityService::GetAccessible, (3) nsBindingManager::GetNestedInsertionPoint, (4) nsXBLPrototypeBinding::AttributeChanged, (5) nsColumnSetFrame::GetContentInsertionFrame, and (6) nsLineLayout::TrimTrailingWhiteSpaceIn methods, and other vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2008-0412",
          "url": "https://www.suse.com/security/cve/CVE-2008-0412"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 354469 for CVE-2008-0412",
          "url": "https://bugzilla.suse.com/354469"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2008-0412"
    },
    {
      "cve": "CVE-2008-0414",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2008-0414"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows user-assisted remote attackers to trick the user into uploading arbitrary files via label tags that shift focus to a file input field, aka \"focus spoofing.\"",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2008-0414",
          "url": "https://www.suse.com/security/cve/CVE-2008-0414"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 354469 for CVE-2008-0414",
          "url": "https://bugzilla.suse.com/354469"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2008-0414"
    },
    {
      "cve": "CVE-2008-0415",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2008-0415"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to execute script outside of the sandbox and conduct cross-site scripting (XSS) attacks via multiple vectors including the XMLDocument.load function, aka \"JavaScript privilege escalation bugs.\"",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2008-0415",
          "url": "https://www.suse.com/security/cve/CVE-2008-0415"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 354469 for CVE-2008-0415",
          "url": "https://bugzilla.suse.com/354469"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2008-0415"
    },
    {
      "cve": "CVE-2008-0417",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2008-0417"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "CRLF injection vulnerability in Mozilla Firefox before 2.0.0.12 allows remote user-assisted web sites to corrupt the user\u0027s password store via newlines that are not properly handled when the user saves a password.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2008-0417",
          "url": "https://www.suse.com/security/cve/CVE-2008-0417"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 354469 for CVE-2008-0417",
          "url": "https://bugzilla.suse.com/354469"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2008-0417"
    },
    {
      "cve": "CVE-2008-0418",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2008-0418"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Directory traversal vulnerability in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8, when using \"flat\" addons, allows remote attackers to read arbitrary Javascript, image, and stylesheet files via the chrome: URI scheme, as demonstrated by stealing session information from sessionstore.js.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2008-0418",
          "url": "https://www.suse.com/security/cve/CVE-2008-0418"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 354469 for CVE-2008-0418",
          "url": "https://bugzilla.suse.com/354469"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2008-0418"
    },
    {
      "cve": "CVE-2008-0419",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2008-0419"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows remote attackers to steal navigation history and cause a denial of service (crash) via images in a page that uses designMode frames, which triggers memory corruption related to resize handles.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2008-0419",
          "url": "https://www.suse.com/security/cve/CVE-2008-0419"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 354469 for CVE-2008-0419",
          "url": "https://bugzilla.suse.com/354469"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2008-0419"
    },
    {
      "cve": "CVE-2008-0591",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2008-0591"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 2.0.0.12 and Thunderbird before 2.0.0.12 does not properly manage a delay timer used in confirmation dialogs, which might allow remote attackers to trick users into confirming an unsafe action, such as remote file execution, by using a timer to change the window focus, aka the \"dialog refocus bug\" or \"ffclick2\".",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2008-0591",
          "url": "https://www.suse.com/security/cve/CVE-2008-0591"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 354469 for CVE-2008-0591",
          "url": "https://bugzilla.suse.com/354469"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2008-0591"
    },
    {
      "cve": "CVE-2008-0592",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2008-0592"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows user-assisted remote attackers to cause a denial of service via a plain .txt file with a \"Content-Disposition: attachment\" and an invalid \"Content-Type: plain/text,\" which prevents Firefox from rendering future plain text files within the browser.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2008-0592",
          "url": "https://www.suse.com/security/cve/CVE-2008-0592"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 354469 for CVE-2008-0592",
          "url": "https://bugzilla.suse.com/354469"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2008-0592"
    },
    {
      "cve": "CVE-2008-0593",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2008-0593"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Gecko-based browsers, including Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8, modify the .href property of stylesheet DOM nodes to the final URI of a 302 redirect, which might allow remote attackers to bypass the Same Origin Policy and read sensitive information from the original URL, such as with Single-Signon systems.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2008-0593",
          "url": "https://www.suse.com/security/cve/CVE-2008-0593"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 354469 for CVE-2008-0593",
          "url": "https://bugzilla.suse.com/354469"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2008-0593"
    },
    {
      "cve": "CVE-2008-0594",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2008-0594"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 2.0.0.12 does not always display a web forgery warning dialog if the entire contents of a web page are in a DIV tag that uses absolute positioning, which makes it easier for remote attackers to conduct phishing attacks.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2008-0594",
          "url": "https://www.suse.com/security/cve/CVE-2008-0594"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 354469 for CVE-2008-0594",
          "url": "https://bugzilla.suse.com/354469"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2008-0594"
    },
    {
      "cve": "CVE-2008-4063",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2008-4063"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the layout engine and (1) a zero value of the \"this\" variable in the nsContentList::Item function; (2) interaction of the indic IME extension, a Hindi language selection, and the \"g\" character; and (3) interaction of the nsFrameList::SortByContentOrder function with a certain insufficient protection of inline frames.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2008-4063",
          "url": "https://www.suse.com/security/cve/CVE-2008-4063"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 429179 for CVE-2008-4063",
          "url": "https://bugzilla.suse.com/429179"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2008-4063"
    },
    {
      "cve": "CVE-2008-5913",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2008-5913"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Math.random function in the JavaScript implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, uses a random number generator that is seeded only once per browser session, which makes it easier for remote attackers to track a user, or trick a user into acting upon a spoofed pop-up message, by calculating the seed value, related to a \"temporary footprint\" and an \"in-session phishing attack.\"",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2008-5913",
          "url": "https://www.suse.com/security/cve/CVE-2008-5913"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 468762 for CVE-2008-5913",
          "url": "https://bugzilla.suse.com/468762"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 603356 for CVE-2008-5913",
          "url": "https://bugzilla.suse.com/603356"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2008-5913"
    },
    {
      "cve": "CVE-2009-0040",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2009-0040"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before 1.2.35, as used in pngcrush and other applications, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file that triggers a free of an uninitialized pointer in (1) the png_read_png function, (2) pCAL chunk handling, or (3) setup of 16-bit gamma tables.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2009-0040",
          "url": "https://www.suse.com/security/cve/CVE-2009-0040"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 472745 for CVE-2009-0040",
          "url": "https://bugzilla.suse.com/472745"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 478625 for CVE-2009-0040",
          "url": "https://bugzilla.suse.com/478625"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 608040 for CVE-2009-0040",
          "url": "https://bugzilla.suse.com/608040"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2009-0040"
    },
    {
      "cve": "CVE-2009-0352",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2009-0352"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.6, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the layout engine and destruction of arbitrary layout objects by the nsViewManager::Composite function.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2009-0352",
          "url": "https://www.suse.com/security/cve/CVE-2009-0352"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 470074 for CVE-2009-0352",
          "url": "https://bugzilla.suse.com/470074"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2009-0352"
    },
    {
      "cve": "CVE-2009-0354",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2009-0354"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Cross-domain vulnerability in js/src/jsobj.cpp in Mozilla Firefox 3.x before 3.0.6 allows remote attackers to bypass the Same Origin Policy, and access the properties of an arbitrary window and conduct cross-site scripting (XSS) attacks, via vectors involving a chrome XBL method and the window.eval function.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2009-0354",
          "url": "https://www.suse.com/security/cve/CVE-2009-0354"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 470074 for CVE-2009-0354",
          "url": "https://bugzilla.suse.com/470074"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2009-0354"
    },
    {
      "cve": "CVE-2009-0355",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2009-0355"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "components/sessionstore/src/nsSessionStore.js in Mozilla Firefox before 3.0.6 does not block changes of INPUT elements to type=\"file\" during tab restoration, which allows user-assisted remote attackers to read arbitrary files on a client machine via a crafted INPUT element.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2009-0355",
          "url": "https://www.suse.com/security/cve/CVE-2009-0355"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 470074 for CVE-2009-0355",
          "url": "https://bugzilla.suse.com/470074"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2009-0355"
    },
    {
      "cve": "CVE-2009-0356",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2009-0356"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 3.0.6 and SeaMonkey do not block links to the (1) about:plugins and (2) about:config URIs from .desktop files, which allows user-assisted remote attackers to bypass the Same Origin Policy and execute arbitrary code with chrome privileges via vectors involving the URL field in a Desktop Entry section of a .desktop file, related to representation of about: URIs as jar:file:// URIs. NOTE: this issue exists because of an incomplete fix for CVE-2008-4582.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2009-0356",
          "url": "https://www.suse.com/security/cve/CVE-2009-0356"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 470074 for CVE-2009-0356",
          "url": "https://bugzilla.suse.com/470074"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2009-0356"
    },
    {
      "cve": "CVE-2009-0357",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2009-0357"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 3.0.6 and SeaMonkey before 1.1.15 do not properly restrict access from web pages to the (1) Set-Cookie and (2) Set-Cookie2 HTTP response headers, which allows remote attackers to obtain sensitive information from cookies via XMLHttpRequest calls, related to the HTTPOnly protection mechanism.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2009-0357",
          "url": "https://www.suse.com/security/cve/CVE-2009-0357"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 470074 for CVE-2009-0357",
          "url": "https://bugzilla.suse.com/470074"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2009-0357"
    },
    {
      "cve": "CVE-2009-0358",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2009-0358"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox 3.x before 3.0.6 does not properly implement the (1) no-store and (2) no-cache Cache-Control directives, which allows local users to obtain sensitive information by using the (a) back button or (b) history list of the victim\u0027s browser, as demonstrated by reading the response page of an https POST request.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2009-0358",
          "url": "https://www.suse.com/security/cve/CVE-2009-0358"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 470074 for CVE-2009-0358",
          "url": "https://bugzilla.suse.com/470074"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2009-0358"
    },
    {
      "cve": "CVE-2009-0652",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2009-0652"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Internationalized Domain Names (IDN) blacklist in Mozilla Firefox 3.0.6 and other versions before 3.0.9; Thunderbird before 2.0.0.21; and SeaMonkey before 1.1.15 does not include box-drawing characters, which allows remote attackers to spoof URLs and conduct phishing attacks, as demonstrated by homoglyphs of the / (slash) and ? (question mark) characters in a subdomain of a .cn domain name, a different vulnerability than CVE-2005-0233.  NOTE: some third parties claim that 3.0.6 is not affected, but much older versions perhaps are affected.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2009-0652",
          "url": "https://www.suse.com/security/cve/CVE-2009-0652"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 495473 for CVE-2009-0652",
          "url": "https://bugzilla.suse.com/495473"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2009-0652"
    },
    {
      "cve": "CVE-2009-0771",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2009-0771"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The layout engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain vectors that trigger memory corruption and assertion failures.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2009-0771",
          "url": "https://www.suse.com/security/cve/CVE-2009-0771"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 478625 for CVE-2009-0771",
          "url": "https://bugzilla.suse.com/478625"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2009-0771"
    },
    {
      "cve": "CVE-2009-0772",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2009-0772"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to nsCSSStyleSheet::GetOwnerNode, events, and garbage collection, which triggers memory corruption.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2009-0772",
          "url": "https://www.suse.com/security/cve/CVE-2009-0772"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 478625 for CVE-2009-0772",
          "url": "https://bugzilla.suse.com/478625"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2009-0772"
    },
    {
      "cve": "CVE-2009-0773",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2009-0773"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The JavaScript engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a splice of an array that contains \"some non-set elements,\" which causes jsarray.cpp to pass an incorrect argument to the ResizeSlots function, which triggers memory corruption; (2) vectors related to js_DecompileValueGenerator, jsopcode.cpp, __defineSetter__, and watch, which triggers an assertion failure or a segmentation fault; and (3) vectors related to gczeal, __defineSetter__, and watch, which triggers a hang.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2009-0773",
          "url": "https://www.suse.com/security/cve/CVE-2009-0773"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 478625 for CVE-2009-0773",
          "url": "https://bugzilla.suse.com/478625"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2009-0773"
    },
    {
      "cve": "CVE-2009-0774",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2009-0774"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to gczeal, a different vulnerability than CVE-2009-0773.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2009-0774",
          "url": "https://www.suse.com/security/cve/CVE-2009-0774"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 478625 for CVE-2009-0774",
          "url": "https://bugzilla.suse.com/478625"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2009-0774"
    },
    {
      "cve": "CVE-2009-0775",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2009-0775"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to execute arbitrary code via \"cloned XUL DOM elements which were linked as a parent and child,\" which are not properly handled during garbage collection.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2009-0775",
          "url": "https://www.suse.com/security/cve/CVE-2009-0775"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 478625 for CVE-2009-0775",
          "url": "https://bugzilla.suse.com/478625"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2009-0775"
    },
    {
      "cve": "CVE-2009-0776",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2009-0776"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "nsIRDFService in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to bypass the same-origin policy and read XML data from another domain via a cross-domain redirect.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2009-0776",
          "url": "https://www.suse.com/security/cve/CVE-2009-0776"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 465291 for CVE-2009-0776",
          "url": "https://bugzilla.suse.com/465291"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 478625 for CVE-2009-0776",
          "url": "https://bugzilla.suse.com/478625"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2009-0776"
    },
    {
      "cve": "CVE-2009-0777",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2009-0777"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 decode invisible characters when they are displayed in the location bar, which causes an incorrect address to be displayed and makes it easier for remote attackers to spoof URLs and conduct phishing attacks.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2009-0777",
          "url": "https://www.suse.com/security/cve/CVE-2009-0777"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 478625 for CVE-2009-0777",
          "url": "https://bugzilla.suse.com/478625"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2009-0777"
    },
    {
      "cve": "CVE-2009-1044",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2009-1044"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox 3.0.7 on Windows 7 allows remote attackers to execute arbitrary code via unknown vectors related to the _moveToEdgeShift XUL tree method, which triggers garbage collection on objects that are still in use, as demonstrated by Nils during a PWN2OWN competition at CanSecWest 2009.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2009-1044",
          "url": "https://www.suse.com/security/cve/CVE-2009-1044"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 465291 for CVE-2009-1044",
          "url": "https://bugzilla.suse.com/465291"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 488955 for CVE-2009-1044",
          "url": "https://bugzilla.suse.com/488955"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2009-1044"
    },
    {
      "cve": "CVE-2009-1169",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2009-1169"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The txMozillaXSLTProcessor::TransformToDoc function in Mozilla Firefox before 3.0.8 and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XML file with a crafted XSLT transform.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2009-1169",
          "url": "https://www.suse.com/security/cve/CVE-2009-1169"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 488955 for CVE-2009-1169",
          "url": "https://bugzilla.suse.com/488955"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 509766 for CVE-2009-1169",
          "url": "https://bugzilla.suse.com/509766"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 510964 for CVE-2009-1169",
          "url": "https://bugzilla.suse.com/510964"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 515951 for CVE-2009-1169",
          "url": "https://bugzilla.suse.com/515951"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2009-1169"
    },
    {
      "cve": "CVE-2009-1302",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2009-1302"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The browser engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors related to (1) nsAsyncInstantiateEvent::Run, (2) nsStyleContext::Destroy, (3) nsComputedDOMStyle::GetWidth, (4) the xslt_attributeset_ImportSameName.html test case for the XSLT stylesheet compiler, (5) nsXULDocument::SynchronizeBroadcastListener, (6) IsBindingAncestor, (7) PL_DHashTableOperate and nsEditor::EndUpdateViewBatch, and (8) gfxSkipCharsIterator::SetOffsets, and other vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2009-1302",
          "url": "https://www.suse.com/security/cve/CVE-2009-1302"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 495473 for CVE-2009-1302",
          "url": "https://bugzilla.suse.com/495473"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2009-1302"
    },
    {
      "cve": "CVE-2009-1306",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2009-1306"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The jar: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not follow the Content-Disposition header of the inner URI, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via an uploaded .jar file with a \"Content-Disposition: attachment\" designation.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2009-1306",
          "url": "https://www.suse.com/security/cve/CVE-2009-1306"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 495473 for CVE-2009-1306",
          "url": "https://bugzilla.suse.com/495473"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2009-1306"
    },
    {
      "cve": "CVE-2009-1307",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2009-1307"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The view-source: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not properly implement the Same Origin Policy, which allows remote attackers to (1) bypass crossdomain.xml restrictions and connect to arbitrary web sites via a Flash file; (2) read, create, or modify Local Shared Objects via a Flash file; or (3) bypass unspecified restrictions and render content via vectors involving a jar: URI.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2009-1307",
          "url": "https://www.suse.com/security/cve/CVE-2009-1307"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 495473 for CVE-2009-1307",
          "url": "https://bugzilla.suse.com/495473"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 515951 for CVE-2009-1307",
          "url": "https://bugzilla.suse.com/515951"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2009-1307"
    },
    {
      "cve": "CVE-2009-1308",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2009-1308"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey allows remote attackers to inject arbitrary web script or HTML via vectors involving XBL JavaScript bindings and remote stylesheets, as exploited in the wild by a March 2009 eBay listing.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2009-1308",
          "url": "https://www.suse.com/security/cve/CVE-2009-1308"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 495473 for CVE-2009-1308",
          "url": "https://bugzilla.suse.com/495473"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2009-1308"
    },
    {
      "cve": "CVE-2009-1309",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2009-1309"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey do not properly implement the Same Origin Policy for (1) XMLHttpRequest, involving a mismatch for a document\u0027s principal, and (2) XPCNativeWrapper.toString, involving an incorrect __proto__ scope, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via a crafted document.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2009-1309",
          "url": "https://www.suse.com/security/cve/CVE-2009-1309"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 495473 for CVE-2009-1309",
          "url": "https://bugzilla.suse.com/495473"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2009-1309"
    },
    {
      "cve": "CVE-2009-1310",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2009-1310"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Cross-site scripting (XSS) vulnerability in the MozSearch plugin implementation in Mozilla Firefox before 3.0.9 allows user-assisted remote attackers to inject arbitrary web script or HTML via a javascript: URI in the SearchForm element.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2009-1310",
          "url": "https://www.suse.com/security/cve/CVE-2009-1310"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 495473 for CVE-2009-1310",
          "url": "https://bugzilla.suse.com/495473"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2009-1310"
    },
    {
      "cve": "CVE-2009-1311",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2009-1311"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 3.0.9 and SeaMonkey before 1.1.17 allow user-assisted remote attackers to obtain sensitive information via a web page with an embedded frame, which causes POST data from an outer page to be sent to the inner frame\u0027s URL during a SAVEMODE_FILEONLY save of the inner frame.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2009-1311",
          "url": "https://www.suse.com/security/cve/CVE-2009-1311"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 465291 for CVE-2009-1311",
          "url": "https://bugzilla.suse.com/465291"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 495473 for CVE-2009-1311",
          "url": "https://bugzilla.suse.com/495473"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 515951 for CVE-2009-1311",
          "url": "https://bugzilla.suse.com/515951"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2009-1311"
    },
    {
      "cve": "CVE-2009-1312",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2009-1312"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 3.0.9 and SeaMonkey 1.1.17 do not block javascript: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Refresh header or (2) specifying the content of a Refresh header. NOTE: it was later reported that Firefox 3.6 a1 pre and Mozilla 1.7.x and earlier are also affected.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2009-1312",
          "url": "https://www.suse.com/security/cve/CVE-2009-1312"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 495473 for CVE-2009-1312",
          "url": "https://bugzilla.suse.com/495473"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2009-1312"
    },
    {
      "cve": "CVE-2009-1313",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2009-1313"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The nsTextFrame::ClearTextRun function in layout/generic/nsTextFrameThebes.cpp in Mozilla Firefox 3.0.9 allows remote attackers to cause a denial of service (memory corruption) and probably execute arbitrary code via unspecified vectors. NOTE: this vulnerability reportedly exists because of an incorrect fix for CVE-2009-1302.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2009-1313",
          "url": "https://www.suse.com/security/cve/CVE-2009-1313"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 500909 for CVE-2009-1313",
          "url": "https://bugzilla.suse.com/500909"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 502062 for CVE-2009-1313",
          "url": "https://bugzilla.suse.com/502062"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2009-1313"
    },
    {
      "cve": "CVE-2009-1563",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2009-1563"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: CVE-2009-0689.  Reason: This candidate is a duplicate of CVE-2009-0689.  Certain codebase relationships were not originally clear.  Notes: All CVE users should reference CVE-2009-0689 instead of this candidate.  All references and descriptions in this candidate have been removed to prevent accidental usage.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2009-1563",
          "url": "https://www.suse.com/security/cve/CVE-2009-1563"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 522109 for CVE-2009-1563",
          "url": "https://bugzilla.suse.com/522109"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 545277 for CVE-2009-1563",
          "url": "https://bugzilla.suse.com/545277"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 546371 for CVE-2009-1563",
          "url": "https://bugzilla.suse.com/546371"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 557126 for CVE-2009-1563",
          "url": "https://bugzilla.suse.com/557126"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 557127 for CVE-2009-1563",
          "url": "https://bugzilla.suse.com/557127"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 557128 for CVE-2009-1563",
          "url": "https://bugzilla.suse.com/557128"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 557671 for CVE-2009-1563",
          "url": "https://bugzilla.suse.com/557671"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2009-1563"
    },
    {
      "cve": "CVE-2009-2470",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2009-2470"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 3.0.12, and 3.5.x before 3.5.2, allows remote SOCKS5 proxy servers to cause a denial of service (data stream corruption) via a long domain name in a reply.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2009-2470",
          "url": "https://www.suse.com/security/cve/CVE-2009-2470"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2009-2470"
    },
    {
      "cve": "CVE-2009-2654",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2009-2654"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 3.0.13, and 3.5.x before 3.5.2, allows remote attackers to spoof the address bar, and possibly conduct phishing attacks, via a crafted web page that calls window.open with an invalid character in the URL, makes document.write calls to the resulting object, and then calls the stop method during the loading of the error page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2009-2654",
          "url": "https://www.suse.com/security/cve/CVE-2009-2654"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 527489 for CVE-2009-2654",
          "url": "https://bugzilla.suse.com/527489"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2009-2654"
    },
    {
      "cve": "CVE-2009-3069",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2009-3069"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2009-3069",
          "url": "https://www.suse.com/security/cve/CVE-2009-3069"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 534458 for CVE-2009-3069",
          "url": "https://bugzilla.suse.com/534458"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2009-3069"
    },
    {
      "cve": "CVE-2009-3072",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2009-3072"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.3, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the BinHex decoder in netwerk/streamconv/converters/nsBinHexDecoder.cpp, and unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2009-3072",
          "url": "https://www.suse.com/security/cve/CVE-2009-3072"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 534458 for CVE-2009-3072",
          "url": "https://bugzilla.suse.com/534458"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 538290 for CVE-2009-3072",
          "url": "https://bugzilla.suse.com/538290"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 590499 for CVE-2009-3072",
          "url": "https://bugzilla.suse.com/590499"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 607935 for CVE-2009-3072",
          "url": "https://bugzilla.suse.com/607935"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2009-3072"
    },
    {
      "cve": "CVE-2009-3077",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2009-3077"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, does not properly manage pointers for the columns (aka TreeColumns) of a XUL tree element, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to a \"dangling pointer vulnerability.\"",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2009-3077",
          "url": "https://www.suse.com/security/cve/CVE-2009-3077"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 534458 for CVE-2009-3077",
          "url": "https://bugzilla.suse.com/534458"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 538290 for CVE-2009-3077",
          "url": "https://bugzilla.suse.com/538290"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 590499 for CVE-2009-3077",
          "url": "https://bugzilla.suse.com/590499"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 607935 for CVE-2009-3077",
          "url": "https://bugzilla.suse.com/607935"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2009-3077"
    },
    {
      "cve": "CVE-2009-3078",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2009-3078"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Visual truncation vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to trigger a vertical scroll and spoof URLs via unspecified Unicode characters with a tall line-height property.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2009-3078",
          "url": "https://www.suse.com/security/cve/CVE-2009-3078"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 534458 for CVE-2009-3078",
          "url": "https://bugzilla.suse.com/534458"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 538290 for CVE-2009-3078",
          "url": "https://bugzilla.suse.com/538290"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2009-3078"
    },
    {
      "cve": "CVE-2009-3079",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2009-3079"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Unspecified vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to execute arbitrary JavaScript with chrome privileges via vectors involving an object, the FeedWriter, and the BrowserFeedWriter.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2009-3079",
          "url": "https://www.suse.com/security/cve/CVE-2009-3079"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 534458 for CVE-2009-3079",
          "url": "https://bugzilla.suse.com/534458"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 538290 for CVE-2009-3079",
          "url": "https://bugzilla.suse.com/538290"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2009-3079"
    },
    {
      "cve": "CVE-2009-3274",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2009-3274"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox 3.6a1, 3.5.3, 3.5.2, and earlier 3.5.x versions, and 3.0.14 and earlier 2.x and 3.x versions, on Linux uses a predictable /tmp pathname for files selected from the Downloads window, which allows local users to replace an arbitrary downloaded file by placing a file in a /tmp location before the download occurs, related to the Download Manager component. NOTE: some of these details are obtained from third party information.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2009-3274",
          "url": "https://www.suse.com/security/cve/CVE-2009-3274"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 522109 for CVE-2009-3274",
          "url": "https://bugzilla.suse.com/522109"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 534458 for CVE-2009-3274",
          "url": "https://bugzilla.suse.com/534458"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 545277 for CVE-2009-3274",
          "url": "https://bugzilla.suse.com/545277"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2009-3274"
    },
    {
      "cve": "CVE-2009-3370",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2009-3370"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 3.0.15, and 3.5.x before 3.5.4, allows remote attackers to read form history by forging mouse and keyboard events that leverage the auto-fill feature to populate form fields, in an attacker-readable form, with history entries.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2009-3370",
          "url": "https://www.suse.com/security/cve/CVE-2009-3370"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 522109 for CVE-2009-3370",
          "url": "https://bugzilla.suse.com/522109"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 545277 for CVE-2009-3370",
          "url": "https://bugzilla.suse.com/545277"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2009-3370"
    },
    {
      "cve": "CVE-2009-3371",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2009-3371"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in Mozilla Firefox 3.5.x before 3.5.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code by creating JavaScript web-workers recursively.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2009-3371",
          "url": "https://www.suse.com/security/cve/CVE-2009-3371"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 522109 for CVE-2009-3371",
          "url": "https://bugzilla.suse.com/522109"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 545277 for CVE-2009-3371",
          "url": "https://bugzilla.suse.com/545277"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2009-3371"
    },
    {
      "cve": "CVE-2009-3372",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2009-3372"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via a crafted regular expression in a Proxy Auto-configuration (PAC) file.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2009-3372",
          "url": "https://www.suse.com/security/cve/CVE-2009-3372"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 522109 for CVE-2009-3372",
          "url": "https://bugzilla.suse.com/522109"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 545277 for CVE-2009-3372",
          "url": "https://bugzilla.suse.com/545277"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2009-3372"
    },
    {
      "cve": "CVE-2009-3373",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2009-3373"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap-based buffer overflow in the GIF image parser in Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via unspecified vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2009-3373",
          "url": "https://www.suse.com/security/cve/CVE-2009-3373"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 522109 for CVE-2009-3373",
          "url": "https://bugzilla.suse.com/522109"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 545277 for CVE-2009-3373",
          "url": "https://bugzilla.suse.com/545277"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 557686 for CVE-2009-3373",
          "url": "https://bugzilla.suse.com/557686"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2009-3373"
    },
    {
      "cve": "CVE-2009-3374",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2009-3374"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The XPCVariant::VariantDataToJS function in the XPCOM implementation in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 does not enforce intended restrictions on interaction between chrome privileged code and objects obtained from remote web sites, which allows remote attackers to execute arbitrary JavaScript with chrome privileges via unspecified method calls, related to \"doubly-wrapped objects.\"",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2009-3374",
          "url": "https://www.suse.com/security/cve/CVE-2009-3374"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 522109 for CVE-2009-3374",
          "url": "https://bugzilla.suse.com/522109"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 545277 for CVE-2009-3374",
          "url": "https://bugzilla.suse.com/545277"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2009-3374"
    },
    {
      "cve": "CVE-2009-3375",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2009-3375"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "content/html/document/src/nsHTMLDocument.cpp in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 allows user-assisted remote attackers to bypass the Same Origin Policy and read an arbitrary content selection via the document.getSelection function.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2009-3375",
          "url": "https://www.suse.com/security/cve/CVE-2009-3375"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 522109 for CVE-2009-3375",
          "url": "https://bugzilla.suse.com/522109"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 545277 for CVE-2009-3375",
          "url": "https://bugzilla.suse.com/545277"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2009-3375"
    },
    {
      "cve": "CVE-2009-3376",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2009-3376"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, does not properly handle a right-to-left override (aka RLO or U+202E) Unicode character in a download filename, which allows remote attackers to spoof file extensions via a crafted filename, as demonstrated by displaying a non-executable extension for an executable file.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2009-3376",
          "url": "https://www.suse.com/security/cve/CVE-2009-3376"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 522109 for CVE-2009-3376",
          "url": "https://bugzilla.suse.com/522109"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 545277 for CVE-2009-3376",
          "url": "https://bugzilla.suse.com/545277"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 590499 for CVE-2009-3376",
          "url": "https://bugzilla.suse.com/590499"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 607935 for CVE-2009-3376",
          "url": "https://bugzilla.suse.com/607935"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2009-3376"
    },
    {
      "cve": "CVE-2009-3377",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2009-3377"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in liboggz before cf5feeaab69b05e24, as used in Mozilla Firefox 3.5.x before 3.5.4, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2009-3377",
          "url": "https://www.suse.com/security/cve/CVE-2009-3377"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 522109 for CVE-2009-3377",
          "url": "https://bugzilla.suse.com/522109"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 545277 for CVE-2009-3377",
          "url": "https://bugzilla.suse.com/545277"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2009-3377"
    },
    {
      "cve": "CVE-2009-3380",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2009-3380"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2009-3380",
          "url": "https://www.suse.com/security/cve/CVE-2009-3380"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 522109 for CVE-2009-3380",
          "url": "https://bugzilla.suse.com/522109"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 545277 for CVE-2009-3380",
          "url": "https://bugzilla.suse.com/545277"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2009-3380"
    },
    {
      "cve": "CVE-2009-3388",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2009-3388"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "liboggplay in Mozilla Firefox 3.5.x before 3.5.6 and SeaMonkey before 2.0.1 might allow context-dependent attackers to cause a denial of service (application crash) or execute arbitrary code via unspecified vectors, related to \"memory safety issues.\"",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2009-3388",
          "url": "https://www.suse.com/security/cve/CVE-2009-3388"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 559807 for CVE-2009-3388",
          "url": "https://bugzilla.suse.com/559807"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2009-3388"
    },
    {
      "cve": "CVE-2009-3389",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2009-3389"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Integer overflow in libtheora in Xiph.Org Theora before 1.1, as used in Mozilla Firefox 3.5 before 3.5.6 and SeaMonkey before 2.0.1, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a video with large dimensions.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2009-3389",
          "url": "https://www.suse.com/security/cve/CVE-2009-3389"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 559807 for CVE-2009-3389",
          "url": "https://bugzilla.suse.com/559807"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 581722 for CVE-2009-3389",
          "url": "https://bugzilla.suse.com/581722"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2009-3389"
    },
    {
      "cve": "CVE-2009-3555",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2009-3555"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a \"plaintext injection\" attack, aka the \"Project Mogul\" issue.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2009-3555",
          "url": "https://www.suse.com/security/cve/CVE-2009-3555"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1077582 for CVE-2009-3555",
          "url": "https://bugzilla.suse.com/1077582"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 459468 for CVE-2009-3555",
          "url": "https://bugzilla.suse.com/459468"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 552497 for CVE-2009-3555",
          "url": "https://bugzilla.suse.com/552497"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 553641 for CVE-2009-3555",
          "url": "https://bugzilla.suse.com/553641"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 554069 for CVE-2009-3555",
          "url": "https://bugzilla.suse.com/554069"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 554084 for CVE-2009-3555",
          "url": "https://bugzilla.suse.com/554084"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 554085 for CVE-2009-3555",
          "url": "https://bugzilla.suse.com/554085"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 555177 for CVE-2009-3555",
          "url": "https://bugzilla.suse.com/555177"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 557168 for CVE-2009-3555",
          "url": "https://bugzilla.suse.com/557168"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 564507 for CVE-2009-3555",
          "url": "https://bugzilla.suse.com/564507"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 566041 for CVE-2009-3555",
          "url": "https://bugzilla.suse.com/566041"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 584292 for CVE-2009-3555",
          "url": "https://bugzilla.suse.com/584292"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 586567 for CVE-2009-3555",
          "url": "https://bugzilla.suse.com/586567"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 588996 for CVE-2009-3555",
          "url": "https://bugzilla.suse.com/588996"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 590826 for CVE-2009-3555",
          "url": "https://bugzilla.suse.com/590826"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 592589 for CVE-2009-3555",
          "url": "https://bugzilla.suse.com/592589"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 594415 for CVE-2009-3555",
          "url": "https://bugzilla.suse.com/594415"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 604782 for CVE-2009-3555",
          "url": "https://bugzilla.suse.com/604782"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 614753 for CVE-2009-3555",
          "url": "https://bugzilla.suse.com/614753"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 622073 for CVE-2009-3555",
          "url": "https://bugzilla.suse.com/622073"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 623905 for CVE-2009-3555",
          "url": "https://bugzilla.suse.com/623905"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 629905 for CVE-2009-3555",
          "url": "https://bugzilla.suse.com/629905"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 642531 for CVE-2009-3555",
          "url": "https://bugzilla.suse.com/642531"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 646073 for CVE-2009-3555",
          "url": "https://bugzilla.suse.com/646073"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 646906 for CVE-2009-3555",
          "url": "https://bugzilla.suse.com/646906"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 648140 for CVE-2009-3555",
          "url": "https://bugzilla.suse.com/648140"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 648950 for CVE-2009-3555",
          "url": "https://bugzilla.suse.com/648950"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 659926 for CVE-2009-3555",
          "url": "https://bugzilla.suse.com/659926"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 670152 for CVE-2009-3555",
          "url": "https://bugzilla.suse.com/670152"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 704832 for CVE-2009-3555",
          "url": "https://bugzilla.suse.com/704832"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 728876 for CVE-2009-3555",
          "url": "https://bugzilla.suse.com/728876"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 729181 for CVE-2009-3555",
          "url": "https://bugzilla.suse.com/729181"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 753357 for CVE-2009-3555",
          "url": "https://bugzilla.suse.com/753357"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 791794 for CVE-2009-3555",
          "url": "https://bugzilla.suse.com/791794"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 799454 for CVE-2009-3555",
          "url": "https://bugzilla.suse.com/799454"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 815621 for CVE-2009-3555",
          "url": "https://bugzilla.suse.com/815621"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 905347 for CVE-2009-3555",
          "url": "https://bugzilla.suse.com/905347"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 979060 for CVE-2009-3555",
          "url": "https://bugzilla.suse.com/979060"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 986238 for CVE-2009-3555",
          "url": "https://bugzilla.suse.com/986238"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2009-3555"
    },
    {
      "cve": "CVE-2009-3979",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2009-3979"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, SeaMonkey before 2.0.1, and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2009-3979",
          "url": "https://www.suse.com/security/cve/CVE-2009-3979"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 559807 for CVE-2009-3979",
          "url": "https://bugzilla.suse.com/559807"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2009-3979"
    },
    {
      "cve": "CVE-2009-3983",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2009-3983"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to send authenticated requests to arbitrary applications by replaying the NTLM credentials of a browser user.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2009-3983",
          "url": "https://www.suse.com/security/cve/CVE-2009-3983"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 559807 for CVE-2009-3983",
          "url": "https://bugzilla.suse.com/559807"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 590499 for CVE-2009-3983",
          "url": "https://bugzilla.suse.com/590499"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 607935 for CVE-2009-3983",
          "url": "https://bugzilla.suse.com/607935"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2009-3983"
    },
    {
      "cve": "CVE-2009-3984",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2009-3984"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to spoof an SSL indicator for an http URL or a file URL by setting document.location to an https URL corresponding to a site that responds with a No Content (aka 204) status code and an empty body.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2009-3984",
          "url": "https://www.suse.com/security/cve/CVE-2009-3984"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 559807 for CVE-2009-3984",
          "url": "https://bugzilla.suse.com/559807"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2009-3984"
    },
    {
      "cve": "CVE-2010-0164",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-0164"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the imgContainer::InternalAddFrameHelper function in src/imgContainer.cpp in libpr0n in Mozilla Firefox 3.6 before 3.6.2 allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a multipart/x-mixed-replace animation in which the frames have different bits-per-pixel (bpp) values.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-0164",
          "url": "https://www.suse.com/security/cve/CVE-2010-0164"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2010-0164"
    },
    {
      "cve": "CVE-2010-0165",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-0165"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The TraceRecorder::traverseScopeChain function in js/src/jstracer.cpp in the browser engine in Mozilla Firefox 3.6 before 3.6.2 allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly execute arbitrary code via vectors involving certain indirect calls to the JavaScript eval function.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-0165",
          "url": "https://www.suse.com/security/cve/CVE-2010-0165"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2010-0165"
    },
    {
      "cve": "CVE-2010-0168",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-0168"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The nsDocument::MaybePreLoadImage function in content/base/src/nsDocument.cpp in the image-preloading implementation in Mozilla Firefox 3.6 before 3.6.2 does not apply scheme restrictions and policy restrictions to the image\u0027s URL, which might allow remote attackers to cause a denial of service (application crash or hang) or hijack the functionality of the browser\u0027s add-ons via a crafted SRC attribute of an IMG element, as demonstrated by remote command execution through an ssh: URL in a configuration that supports gnome-vfs with a nonstandard network.gnomevfs.supported-protocols setting.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-0168",
          "url": "https://www.suse.com/security/cve/CVE-2010-0168"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2010-0168"
    },
    {
      "cve": "CVE-2010-0169",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-0169"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The CSSLoaderImpl::DoSheetComplete function in layout/style/nsCSSLoader.cpp in Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 changes the case of certain strings in a stylesheet before adding this stylesheet to the XUL cache, which might allow remote attackers to modify the browser\u0027s font and other CSS attributes, and potentially disrupt rendering of a web page, by forcing the browser to perform this erroneous stylesheet caching.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-0169",
          "url": "https://www.suse.com/security/cve/CVE-2010-0169"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2010-0169"
    },
    {
      "cve": "CVE-2010-0170",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-0170"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox 3.6 before 3.6.2 does not offer plugins the expected window.location protection mechanism, which might allow remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via vectors that are specific to each affected plugin.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-0170",
          "url": "https://www.suse.com/security/cve/CVE-2010-0170"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2010-0170"
    },
    {
      "cve": "CVE-2010-0171",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-0171"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 allow remote attackers to perform cross-origin keystroke capture, and possibly conduct cross-site scripting (XSS) attacks, by using the addEventListener and setTimeout functions in conjunction with a wrapped object.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2007-3736.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-0171",
          "url": "https://www.suse.com/security/cve/CVE-2010-0171"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2010-0171"
    },
    {
      "cve": "CVE-2010-0172",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-0172"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "toolkit/components/passwordmgr/src/nsLoginManagerPrompter.js in the asynchronous Authorization Prompt implementation in Mozilla Firefox 3.6 before 3.6.2 does not properly handle concurrent authorization requests from multiple web sites, which might allow remote web servers to spoof an authorization dialog and capture credentials by demanding HTTP authentication in opportunistic circumstances.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-0172",
          "url": "https://www.suse.com/security/cve/CVE-2010-0172"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2010-0172"
    },
    {
      "cve": "CVE-2010-0173",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-0173"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-0173",
          "url": "https://www.suse.com/security/cve/CVE-2010-0173"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 586567 for CVE-2010-0173",
          "url": "https://bugzilla.suse.com/586567"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2010-0173"
    },
    {
      "cve": "CVE-2010-0176",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-0176"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 do not properly manage reference counts for option elements in a XUL tree optgroup, which might allow remote attackers to execute arbitrary code via unspecified vectors that trigger access to deleted elements, related to a \"dangling pointer vulnerability.\"",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-0176",
          "url": "https://www.suse.com/security/cve/CVE-2010-0176"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 586567 for CVE-2010-0176",
          "url": "https://bugzilla.suse.com/586567"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2010-0176"
    },
    {
      "cve": "CVE-2010-0177",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-0177"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, frees the contents of the window.navigator.plugins array while a reference to an array element is still active, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors, related to a \"dangling pointer vulnerability.\"",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-0177",
          "url": "https://www.suse.com/security/cve/CVE-2010-0177"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 586567 for CVE-2010-0177",
          "url": "https://bugzilla.suse.com/586567"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2010-0177"
    },
    {
      "cve": "CVE-2010-0178",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-0178"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, does not prevent applets from interpreting mouse clicks as drag-and-drop actions, which allows remote attackers to execute arbitrary JavaScript with Chrome privileges by loading a chrome: URL and then loading a javascript: URL.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-0178",
          "url": "https://www.suse.com/security/cve/CVE-2010-0178"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 586567 for CVE-2010-0178",
          "url": "https://bugzilla.suse.com/586567"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2010-0178"
    },
    {
      "cve": "CVE-2010-0181",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-0181"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, executes a mail application in situations where an IMG element has a SRC attribute that is a redirect to a mailto: URL, which allows remote attackers to cause a denial of service (excessive application launches) via an HTML document with many images.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-0181",
          "url": "https://www.suse.com/security/cve/CVE-2010-0181"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 586567 for CVE-2010-0181",
          "url": "https://bugzilla.suse.com/586567"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2010-0181"
    },
    {
      "cve": "CVE-2010-0182",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-0182"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The XMLDocument::load function in Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 does not perform the expected nsIContentPolicy checks during loading of content by XML documents, which allows attackers to bypass intended access restrictions via crafted content.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-0182",
          "url": "https://www.suse.com/security/cve/CVE-2010-0182"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 586567 for CVE-2010-0182",
          "url": "https://bugzilla.suse.com/586567"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2010-0182"
    },
    {
      "cve": "CVE-2010-0654",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-0654"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 permit cross-origin loading of CSS stylesheets even when the stylesheet download has an incorrect MIME type and the stylesheet document is malformed, which allows remote attackers to obtain sensitive information via a crafted document.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-0654",
          "url": "https://www.suse.com/security/cve/CVE-2010-0654"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 583603 for CVE-2010-0654",
          "url": "https://bugzilla.suse.com/583603"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 622506 for CVE-2010-0654",
          "url": "https://bugzilla.suse.com/622506"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2010-0654"
    },
    {
      "cve": "CVE-2010-1028",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-1028"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Integer overflow in the decompression functionality in the Web Open Fonts Format (WOFF) decoder in Mozilla Firefox 3.6 before 3.6.2 and 3.7 before 3.7 alpha 3 allows remote attackers to execute arbitrary code via a crafted WOFF file that triggers a buffer overflow, as demonstrated by the vd_ff module in VulnDisco 9.0.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-1028",
          "url": "https://www.suse.com/security/cve/CVE-2010-1028"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2010-1028"
    },
    {
      "cve": "CVE-2010-1121",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-1121"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox 3.6.x before 3.6.3 does not properly manage the scopes of DOM nodes that are moved from one document to another, which allows remote attackers to conduct use-after-free attacks and execute arbitrary code via unspecified vectors involving improper interaction with garbage collection, as demonstrated by Nils during a Pwn2Own competition at CanSecWest 2010.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-1121",
          "url": "https://www.suse.com/security/cve/CVE-2010-1121"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 603356 for CVE-2010-1121",
          "url": "https://bugzilla.suse.com/603356"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2010-1121"
    },
    {
      "cve": "CVE-2010-1125",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-1125"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The JavaScript implementation in Mozilla Firefox 3.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, allows remote attackers to send selected keystrokes to a form field in a hidden frame, instead of the intended form field in a visible frame, via certain calls to the focus method.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-1125",
          "url": "https://www.suse.com/security/cve/CVE-2010-1125"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 603356 for CVE-2010-1125",
          "url": "https://bugzilla.suse.com/603356"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2010-1125"
    },
    {
      "cve": "CVE-2010-1196",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-1196"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Integer overflow in the nsGenericDOMDataNode::SetTextInternal function in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a DOM node with a long text value that triggers a heap-based buffer overflow.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-1196",
          "url": "https://www.suse.com/security/cve/CVE-2010-1196"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 603356 for CVE-2010-1196",
          "url": "https://bugzilla.suse.com/603356"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 617399 for CVE-2010-1196",
          "url": "https://bugzilla.suse.com/617399"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2010-1196"
    },
    {
      "cve": "CVE-2010-1197",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-1197"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, does not properly handle situations in which both \"Content-Disposition: attachment\" and \"Content-Type: multipart\" are present in HTTP headers, which allows remote attackers to conduct cross-site scripting (XSS) attacks via an uploaded HTML document.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-1197",
          "url": "https://www.suse.com/security/cve/CVE-2010-1197"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 603356 for CVE-2010-1197",
          "url": "https://bugzilla.suse.com/603356"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 617399 for CVE-2010-1197",
          "url": "https://bugzilla.suse.com/617399"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2010-1197"
    },
    {
      "cve": "CVE-2010-1198",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-1198"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, allows remote attackers to execute arbitrary code via vectors involving multiple plugin instances.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-1198",
          "url": "https://www.suse.com/security/cve/CVE-2010-1198"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 603356 for CVE-2010-1198",
          "url": "https://bugzilla.suse.com/603356"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 617399 for CVE-2010-1198",
          "url": "https://bugzilla.suse.com/617399"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2010-1198"
    },
    {
      "cve": "CVE-2010-1199",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-1199"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Integer overflow in the XSLT node sorting implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a large text value for a node.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-1199",
          "url": "https://www.suse.com/security/cve/CVE-2010-1199"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 603356 for CVE-2010-1199",
          "url": "https://bugzilla.suse.com/603356"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 617399 for CVE-2010-1199",
          "url": "https://bugzilla.suse.com/617399"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2010-1199"
    },
    {
      "cve": "CVE-2010-1200",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-1200"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-1200",
          "url": "https://www.suse.com/security/cve/CVE-2010-1200"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 603356 for CVE-2010-1200",
          "url": "https://bugzilla.suse.com/603356"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 617399 for CVE-2010-1200",
          "url": "https://bugzilla.suse.com/617399"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2010-1200"
    },
    {
      "cve": "CVE-2010-1203",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-1203"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The JavaScript engine in Mozilla Firefox 3.6.x before 3.6.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors that trigger an assertion failure in jstracer.cpp.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-1203",
          "url": "https://www.suse.com/security/cve/CVE-2010-1203"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 603356 for CVE-2010-1203",
          "url": "https://bugzilla.suse.com/603356"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 617399 for CVE-2010-1203",
          "url": "https://bugzilla.suse.com/617399"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2010-1203"
    },
    {
      "cve": "CVE-2010-1205",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-1205"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-1205",
          "url": "https://www.suse.com/security/cve/CVE-2010-1205"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1188284 for CVE-2010-1205",
          "url": "https://bugzilla.suse.com/1188284"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 617866 for CVE-2010-1205",
          "url": "https://bugzilla.suse.com/617866"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 622506 for CVE-2010-1205",
          "url": "https://bugzilla.suse.com/622506"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 639941 for CVE-2010-1205",
          "url": "https://bugzilla.suse.com/639941"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 854395 for CVE-2010-1205",
          "url": "https://bugzilla.suse.com/854395"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2010-1205"
    },
    {
      "cve": "CVE-2010-1206",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-1206"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The startDocumentLoad function in browser/base/content/browser.js in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, does not properly implement the Same Origin Policy in certain circumstances related to the about:blank document and a document that is currently loading, which allows (1) remote web servers to conduct spoofing attacks via vectors involving a 204 (aka No Content) status code, and allows (2) remote attackers to conduct spoofing attacks via vectors involving a window.stop call.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-1206",
          "url": "https://www.suse.com/security/cve/CVE-2010-1206"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 618183 for CVE-2010-1206",
          "url": "https://bugzilla.suse.com/618183"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 622506 for CVE-2010-1206",
          "url": "https://bugzilla.suse.com/622506"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2010-1206"
    },
    {
      "cve": "CVE-2010-1207",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-1207"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 3.6.7 and Thunderbird before 3.1.1 do not properly implement read restrictions for CANVAS elements, which allows remote attackers to obtain sensitive cross-origin information via vectors involving reference retention and node deletion.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-1207",
          "url": "https://www.suse.com/security/cve/CVE-2010-1207"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 622506 for CVE-2010-1207",
          "url": "https://bugzilla.suse.com/622506"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2010-1207"
    },
    {
      "cve": "CVE-2010-1208",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-1208"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the attribute-cloning functionality in the DOM implementation in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to execute arbitrary code via vectors related to deletion of an event attribute node with a nonzero reference count.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-1208",
          "url": "https://www.suse.com/security/cve/CVE-2010-1208"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 622506 for CVE-2010-1208",
          "url": "https://bugzilla.suse.com/622506"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2010-1208"
    },
    {
      "cve": "CVE-2010-1209",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-1209"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the NodeIterator implementation in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to execute arbitrary code via a crafted NodeFilter that detaches DOM nodes, related to the NodeIterator interface and a javascript callback.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-1209",
          "url": "https://www.suse.com/security/cve/CVE-2010-1209"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 622506 for CVE-2010-1209",
          "url": "https://bugzilla.suse.com/622506"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2010-1209"
    },
    {
      "cve": "CVE-2010-1210",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-1210"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "intl/uconv/util/nsUnicodeDecodeHelper.cpp in Mozilla Firefox before 3.6.7 and Thunderbird before 3.1.1 inserts a U+FFFD sequence into text in certain circumstances involving undefined positions, which might make it easier for remote attackers to conduct cross-site scripting (XSS) attacks via crafted 8-bit text.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-1210",
          "url": "https://www.suse.com/security/cve/CVE-2010-1210"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 622506 for CVE-2010-1210",
          "url": "https://bugzilla.suse.com/622506"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2010-1210"
    },
    {
      "cve": "CVE-2010-1211",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-1211"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-1211",
          "url": "https://www.suse.com/security/cve/CVE-2010-1211"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 622506 for CVE-2010-1211",
          "url": "https://bugzilla.suse.com/622506"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2010-1211"
    },
    {
      "cve": "CVE-2010-1213",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-1213"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The importScripts Web Worker method in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 does not verify that content is valid JavaScript code, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted HTML document.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-1213",
          "url": "https://www.suse.com/security/cve/CVE-2010-1213"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 622506 for CVE-2010-1213",
          "url": "https://bugzilla.suse.com/622506"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2010-1213"
    },
    {
      "cve": "CVE-2010-1214",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-1214"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to execute arbitrary code via plugin content with many parameter elements.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-1214",
          "url": "https://www.suse.com/security/cve/CVE-2010-1214"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 622506 for CVE-2010-1214",
          "url": "https://bugzilla.suse.com/622506"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2010-1214"
    },
    {
      "cve": "CVE-2010-1215",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-1215"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox 3.6.x before 3.6.7 and Thunderbird 3.1.x before 3.1.1 do not properly implement access to a content object through a SafeJSObjectWrapper (aka SJOW) wrapper, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging \"access to an object from the chrome scope.\"",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-1215",
          "url": "https://www.suse.com/security/cve/CVE-2010-1215"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 622506 for CVE-2010-1215",
          "url": "https://bugzilla.suse.com/622506"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2010-1215"
    },
    {
      "cve": "CVE-2010-2752",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-2752"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Integer overflow in an array class in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allows remote attackers to execute arbitrary code by placing many Cascading Style Sheets (CSS) values in an array, related to references to external font resources and an inconsistency between 16-bit and 32-bit integers.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-2752",
          "url": "https://www.suse.com/security/cve/CVE-2010-2752"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 622506 for CVE-2010-2752",
          "url": "https://bugzilla.suse.com/622506"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2010-2752"
    },
    {
      "cve": "CVE-2010-2753",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-2753"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allows remote attackers to execute arbitrary code via a large selection attribute in a XUL tree element, which triggers a use-after-free.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-2753",
          "url": "https://www.suse.com/security/cve/CVE-2010-2753"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 622506 for CVE-2010-2753",
          "url": "https://bugzilla.suse.com/622506"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 637303 for CVE-2010-2753",
          "url": "https://bugzilla.suse.com/637303"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2010-2753"
    },
    {
      "cve": "CVE-2010-2754",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-2754"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "dom/base/nsJSEnvironment.cpp in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 does not properly suppress a script\u0027s URL in certain circumstances involving a redirect and an error message, which allows remote attackers to obtain sensitive information about script parameters via a crafted HTML document, related to the window.onerror handler.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-2754",
          "url": "https://www.suse.com/security/cve/CVE-2010-2754"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 622506 for CVE-2010-2754",
          "url": "https://bugzilla.suse.com/622506"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2010-2754"
    },
    {
      "cve": "CVE-2010-2755",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-2755"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "layout/generic/nsObjectFrame.cpp in Mozilla Firefox 3.6.7 does not properly free memory in the parameter array of a plugin instance, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted HTML document, related to the DATA and SRC attributes of an OBJECT element. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-1214.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-2755",
          "url": "https://www.suse.com/security/cve/CVE-2010-2755"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 622506 for CVE-2010-2755",
          "url": "https://bugzilla.suse.com/622506"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2010-2755"
    },
    {
      "cve": "CVE-2010-2760",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-2760"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the nsTreeSelection function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via vectors involving a XUL tree selection, related to a \"dangling pointer vulnerability.\" NOTE: this issue exists because of an incomplete fix for CVE-2010-2753.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-2760",
          "url": "https://www.suse.com/security/cve/CVE-2010-2760"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 637303 for CVE-2010-2760",
          "url": "https://bugzilla.suse.com/637303"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 638109 for CVE-2010-2760",
          "url": "https://bugzilla.suse.com/638109"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2010-2760"
    },
    {
      "cve": "CVE-2010-2762",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-2762"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The XPCSafeJSObjectWrapper class in the SafeJSObjectWrapper (aka SJOW) implementation in Mozilla Firefox 3.6.x before 3.6.9 and Thunderbird 3.1.x before 3.1.3 does not properly restrict objects at the end of scope chains, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via vectors related to a chrome privileged object and a chain ending in an outer object.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-2762",
          "url": "https://www.suse.com/security/cve/CVE-2010-2762"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 637303 for CVE-2010-2762",
          "url": "https://bugzilla.suse.com/637303"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2010-2762"
    },
    {
      "cve": "CVE-2010-2764",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-2764"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict read access to the statusText property of XMLHttpRequest objects, which allows remote attackers to discover the existence of intranet web servers via cross-origin requests.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-2764",
          "url": "https://www.suse.com/security/cve/CVE-2010-2764"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 637303 for CVE-2010-2764",
          "url": "https://bugzilla.suse.com/637303"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 638109 for CVE-2010-2764",
          "url": "https://bugzilla.suse.com/638109"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2010-2764"
    },
    {
      "cve": "CVE-2010-2765",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-2765"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Integer overflow in the FRAMESET element implementation in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via a large number of values in the cols (aka columns) attribute, leading to a heap-based buffer overflow.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-2765",
          "url": "https://www.suse.com/security/cve/CVE-2010-2765"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 637303 for CVE-2010-2765",
          "url": "https://bugzilla.suse.com/637303"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 638109 for CVE-2010-2765",
          "url": "https://bugzilla.suse.com/638109"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2010-2765"
    },
    {
      "cve": "CVE-2010-2766",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-2766"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The normalizeDocument function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle the removal of DOM nodes during normalization, which might allow remote attackers to execute arbitrary code via vectors involving access to a deleted object.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-2766",
          "url": "https://www.suse.com/security/cve/CVE-2010-2766"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 637303 for CVE-2010-2766",
          "url": "https://bugzilla.suse.com/637303"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 638109 for CVE-2010-2766",
          "url": "https://bugzilla.suse.com/638109"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2010-2766"
    },
    {
      "cve": "CVE-2010-2767",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-2767"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The navigator.plugins implementation in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle destruction of the DOM plugin array, which might allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via crafted access to the navigator object, related to a \"dangling pointer vulnerability.\"",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-2767",
          "url": "https://www.suse.com/security/cve/CVE-2010-2767"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 637303 for CVE-2010-2767",
          "url": "https://bugzilla.suse.com/637303"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 638109 for CVE-2010-2767",
          "url": "https://bugzilla.suse.com/638109"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2010-2767"
    },
    {
      "cve": "CVE-2010-2768",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-2768"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict use of the type attribute of an OBJECT element to set a document\u0027s charset, which allows remote attackers to bypass cross-site scripting (XSS) protection mechanisms via UTF-7 encoding.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-2768",
          "url": "https://www.suse.com/security/cve/CVE-2010-2768"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 637303 for CVE-2010-2768",
          "url": "https://bugzilla.suse.com/637303"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 638109 for CVE-2010-2768",
          "url": "https://bugzilla.suse.com/638109"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2010-2768"
    },
    {
      "cve": "CVE-2010-2769",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-2769"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 allows user-assisted remote attackers to inject arbitrary web script or HTML via a selection that is added to a document in which the designMode property is enabled.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-2769",
          "url": "https://www.suse.com/security/cve/CVE-2010-2769"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 637303 for CVE-2010-2769",
          "url": "https://bugzilla.suse.com/637303"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 638109 for CVE-2010-2769",
          "url": "https://bugzilla.suse.com/638109"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2010-2769"
    },
    {
      "cve": "CVE-2010-3166",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-3166"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap-based buffer overflow in the nsTextFrameUtils::TransformText function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via a bidirectional text run.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-3166",
          "url": "https://www.suse.com/security/cve/CVE-2010-3166"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 637303 for CVE-2010-3166",
          "url": "https://bugzilla.suse.com/637303"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 638109 for CVE-2010-3166",
          "url": "https://bugzilla.suse.com/638109"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2010-3166"
    },
    {
      "cve": "CVE-2010-3167",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-3167"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The nsTreeContentView function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle node removal in XUL trees, which allows remote attackers to execute arbitrary code via vectors involving access to deleted memory, related to a \"dangling pointer vulnerability.\"",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-3167",
          "url": "https://www.suse.com/security/cve/CVE-2010-3167"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 637303 for CVE-2010-3167",
          "url": "https://bugzilla.suse.com/637303"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 638109 for CVE-2010-3167",
          "url": "https://bugzilla.suse.com/638109"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2010-3167"
    },
    {
      "cve": "CVE-2010-3168",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-3168"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict the role of property changes in triggering XUL tree removal, which allows remote attackers to cause a denial of service (deleted memory access and application crash) or possibly execute arbitrary code by setting unspecified properties.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-3168",
          "url": "https://www.suse.com/security/cve/CVE-2010-3168"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 637303 for CVE-2010-3168",
          "url": "https://bugzilla.suse.com/637303"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 638109 for CVE-2010-3168",
          "url": "https://bugzilla.suse.com/638109"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2010-3168"
    },
    {
      "cve": "CVE-2010-3169",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-3169"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-3169",
          "url": "https://www.suse.com/security/cve/CVE-2010-3169"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 637303 for CVE-2010-3169",
          "url": "https://bugzilla.suse.com/637303"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 638109 for CVE-2010-3169",
          "url": "https://bugzilla.suse.com/638109"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2010-3169"
    },
    {
      "cve": "CVE-2010-3170",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-3170"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 recognize a wildcard IP address in the subject\u0027s Common Name field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-3170",
          "url": "https://www.suse.com/security/cve/CVE-2010-3170"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 637290 for CVE-2010-3170",
          "url": "https://bugzilla.suse.com/637290"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 645315 for CVE-2010-3170",
          "url": "https://bugzilla.suse.com/645315"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 652858 for CVE-2010-3170",
          "url": "https://bugzilla.suse.com/652858"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 868629 for CVE-2010-3170",
          "url": "https://bugzilla.suse.com/868629"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2010-3170"
    },
    {
      "cve": "CVE-2010-3173",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-3173"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The SSL implementation in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 does not properly set the minimum key length for Diffie-Hellman Ephemeral (DHE) mode, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-3173",
          "url": "https://www.suse.com/security/cve/CVE-2010-3173"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 645315 for CVE-2010-3173",
          "url": "https://bugzilla.suse.com/645315"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2010-3173"
    },
    {
      "cve": "CVE-2010-3174",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-3174"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.14, Thunderbird before 3.0.9, and SeaMonkey before 2.0.9 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-3174",
          "url": "https://www.suse.com/security/cve/CVE-2010-3174"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 645315 for CVE-2010-3174",
          "url": "https://bugzilla.suse.com/645315"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 652858 for CVE-2010-3174",
          "url": "https://bugzilla.suse.com/652858"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2010-3174"
    },
    {
      "cve": "CVE-2010-3177",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-3177"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple cross-site scripting (XSS) vulnerabilities in the Gopher parser in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, and SeaMonkey before 2.0.9, allow remote attackers to inject arbitrary web script or HTML via a crafted name of a (1) file or (2) directory on a Gopher server.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-3177",
          "url": "https://www.suse.com/security/cve/CVE-2010-3177"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 645315 for CVE-2010-3177",
          "url": "https://bugzilla.suse.com/645315"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 652858 for CVE-2010-3177",
          "url": "https://bugzilla.suse.com/652858"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2010-3177"
    },
    {
      "cve": "CVE-2010-3178",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-3178"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 do not properly handle certain modal calls made by javascript: URLs in circumstances related to opening a new window and performing cross-domain navigation, which allows remote attackers to bypass the Same Origin Policy via a crafted HTML document.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-3178",
          "url": "https://www.suse.com/security/cve/CVE-2010-3178"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 645315 for CVE-2010-3178",
          "url": "https://bugzilla.suse.com/645315"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 652858 for CVE-2010-3178",
          "url": "https://bugzilla.suse.com/652858"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2010-3178"
    },
    {
      "cve": "CVE-2010-3179",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-3179"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Stack-based buffer overflow in the text-rendering functionality in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a long argument to the document.write method.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-3179",
          "url": "https://www.suse.com/security/cve/CVE-2010-3179"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 645315 for CVE-2010-3179",
          "url": "https://bugzilla.suse.com/645315"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 652858 for CVE-2010-3179",
          "url": "https://bugzilla.suse.com/652858"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2010-3179"
    },
    {
      "cve": "CVE-2010-3180",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-3180"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the nsBarProp function in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allows remote attackers to execute arbitrary code by accessing the locationbar property of a closed window.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-3180",
          "url": "https://www.suse.com/security/cve/CVE-2010-3180"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 645315 for CVE-2010-3180",
          "url": "https://bugzilla.suse.com/645315"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 652858 for CVE-2010-3180",
          "url": "https://bugzilla.suse.com/652858"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2010-3180"
    },
    {
      "cve": "CVE-2010-3182",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-3182"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A certain application-launch script in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 on Linux places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-3182",
          "url": "https://www.suse.com/security/cve/CVE-2010-3182"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 642502 for CVE-2010-3182",
          "url": "https://bugzilla.suse.com/642502"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 645315 for CVE-2010-3182",
          "url": "https://bugzilla.suse.com/645315"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 652858 for CVE-2010-3182",
          "url": "https://bugzilla.suse.com/652858"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2010-3182"
    },
    {
      "cve": "CVE-2010-3183",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-3183"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The LookupGetterOrSetter function in js3250.dll in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 does not properly support window.__lookupGetter__ function calls that lack arguments, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect pointer dereference and application crash) via vectors involving a \"dangling pointer\" and the JS_ValueToId function.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-3183",
          "url": "https://www.suse.com/security/cve/CVE-2010-3183"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 645315 for CVE-2010-3183",
          "url": "https://bugzilla.suse.com/645315"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 652858 for CVE-2010-3183",
          "url": "https://bugzilla.suse.com/652858"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2010-3183"
    },
    {
      "cve": "CVE-2010-3765",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-3765"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption, as exploited in the wild in October 2010 by the Belmoo malware.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-3765",
          "url": "https://www.suse.com/security/cve/CVE-2010-3765"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 649492 for CVE-2010-3765",
          "url": "https://bugzilla.suse.com/649492"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 652858 for CVE-2010-3765",
          "url": "https://bugzilla.suse.com/652858"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2010-3765"
    },
    {
      "cve": "CVE-2011-0068",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2011-0068"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2011-0068",
          "url": "https://www.suse.com/security/cve/CVE-2011-0068"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 689281 for CVE-2011-0068",
          "url": "https://bugzilla.suse.com/689281"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2011-0068"
    },
    {
      "cve": "CVE-2011-0069",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2011-0069"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19, 3.6.x before 3.6.17, and 4.x before 4.0.1; Thunderbird before 3.1.10; and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0070.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2011-0069",
          "url": "https://www.suse.com/security/cve/CVE-2011-0069"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 689281 for CVE-2011-0069",
          "url": "https://bugzilla.suse.com/689281"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2011-0069"
    },
    {
      "cve": "CVE-2011-0080",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2011-0080"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2011-0080",
          "url": "https://www.suse.com/security/cve/CVE-2011-0080"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 689281 for CVE-2011-0080",
          "url": "https://bugzilla.suse.com/689281"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2011-0080"
    },
    {
      "cve": "CVE-2011-0084",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2011-0084"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The SVGTextElement.getCharNumAtPosition function in Mozilla Firefox before 3.6.20, and 4.x through 5; Thunderbird 3.x before 3.1.12 and other versions before 6; SeaMonkey 2.x before 2.3; and possibly other products does not properly handle SVG text, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to a \"dangling pointer.\"",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2011-0084",
          "url": "https://www.suse.com/security/cve/CVE-2011-0084"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 712224 for CVE-2011-0084",
          "url": "https://bugzilla.suse.com/712224"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2011-0084"
    },
    {
      "cve": "CVE-2011-1187",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2011-1187"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an \"error message leak.\"",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2011-1187",
          "url": "https://www.suse.com/security/cve/CVE-2011-1187"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 758408 for CVE-2011-1187",
          "url": "https://bugzilla.suse.com/758408"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2011-1187"
    },
    {
      "cve": "CVE-2011-1202",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2011-1202"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The xsltGenerateIdFunction function in functions.c in libxslt 1.1.26 and earlier, as used in Google Chrome before 10.0.648.127 and other products, allows remote attackers to obtain potentially sensitive information about heap memory addresses via an XML document containing a call to the XSLT generate-id XPath function.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2011-1202",
          "url": "https://www.suse.com/security/cve/CVE-2011-1202"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 689281 for CVE-2011-1202",
          "url": "https://bugzilla.suse.com/689281"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 692619 for CVE-2011-1202",
          "url": "https://bugzilla.suse.com/692619"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2011-1202"
    },
    {
      "cve": "CVE-2011-2366",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2011-2366"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Gecko before 5.0, as used in Firefox before 5.0 and Thunderbird before 5.0, does not block use of a cross-domain image as a WebGL texture, which allows remote attackers to obtain approximate copies of arbitrary images via a timing attack involving a crafted WebGL fragment shader.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2011-2366",
          "url": "https://www.suse.com/security/cve/CVE-2011-2366"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 701296 for CVE-2011-2366",
          "url": "https://bugzilla.suse.com/701296"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2011-2366"
    },
    {
      "cve": "CVE-2011-2367",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2011-2367"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The WebGL implementation in Mozilla Firefox 4.x through 4.0.1 does not properly restrict read operations, which allows remote attackers to obtain sensitive information from GPU memory associated with an arbitrary process, or cause a denial of service (application crash), via unspecified vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2011-2367",
          "url": "https://www.suse.com/security/cve/CVE-2011-2367"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 701296 for CVE-2011-2367",
          "url": "https://bugzilla.suse.com/701296"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2011-2367"
    },
    {
      "cve": "CVE-2011-2369",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2011-2369"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Cross-site scripting (XSS) vulnerability in Mozilla Firefox 4.x through 4.0.1 allows remote attackers to inject arbitrary web script or HTML via an SVG element containing an HTML-encoded entity.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2011-2369",
          "url": "https://www.suse.com/security/cve/CVE-2011-2369"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 701296 for CVE-2011-2369",
          "url": "https://bugzilla.suse.com/701296"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2011-2369"
    },
    {
      "cve": "CVE-2011-2370",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2011-2370"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 5.0 does not properly enforce the whitelist for the xpinstall functionality, which allows remote attackers to trigger an installation dialog for a (1) add-on or (2) theme via unspecified vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2011-2370",
          "url": "https://www.suse.com/security/cve/CVE-2011-2370"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 701296 for CVE-2011-2370",
          "url": "https://bugzilla.suse.com/701296"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2011-2370"
    },
    {
      "cve": "CVE-2011-2371",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2011-2371"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Integer overflow in the Array.reduceRight method in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to execute arbitrary code via vectors involving a long JavaScript Array object.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2011-2371",
          "url": "https://www.suse.com/security/cve/CVE-2011-2371"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 701296 for CVE-2011-2371",
          "url": "https://bugzilla.suse.com/701296"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2011-2371"
    },
    {
      "cve": "CVE-2011-2372",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2011-2372"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not prevent the starting of a download in response to the holding of the Enter key, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2011-2372",
          "url": "https://www.suse.com/security/cve/CVE-2011-2372"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 720264 for CVE-2011-2372",
          "url": "https://bugzilla.suse.com/720264"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2011-2372"
    },
    {
      "cve": "CVE-2011-2373",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2011-2373"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14, when JavaScript is disabled, allows remote attackers to execute arbitrary code via a crafted XUL document.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2011-2373",
          "url": "https://www.suse.com/security/cve/CVE-2011-2373"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 701296 for CVE-2011-2373",
          "url": "https://bugzilla.suse.com/701296"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2011-2373"
    },
    {
      "cve": "CVE-2011-2374",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2011-2374"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, and Thunderbird before 3.1.11, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2011-2374",
          "url": "https://www.suse.com/security/cve/CVE-2011-2374"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 701296 for CVE-2011-2374",
          "url": "https://bugzilla.suse.com/701296"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2011-2374"
    },
    {
      "cve": "CVE-2011-2377",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2011-2377"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a multipart/x-mixed-replace image.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2011-2377",
          "url": "https://www.suse.com/security/cve/CVE-2011-2377"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 701296 for CVE-2011-2377",
          "url": "https://bugzilla.suse.com/701296"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2011-2377"
    },
    {
      "cve": "CVE-2011-2986",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2011-2986"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products, when the Direct2D (aka D2D) API is used on Windows, allows remote attackers to bypass the Same Origin Policy, and obtain sensitive image data from a different domain, by inserting this data into a canvas.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2011-2986",
          "url": "https://www.suse.com/security/cve/CVE-2011-2986"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 712224 for CVE-2011-2986",
          "url": "https://bugzilla.suse.com/712224"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2011-2986"
    },
    {
      "cve": "CVE-2011-2988",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2011-2988"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Buffer overflow in an unspecified string class in the WebGL shader implementation in Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long source-code block for a shader.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2011-2988",
          "url": "https://www.suse.com/security/cve/CVE-2011-2988"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 712224 for CVE-2011-2988",
          "url": "https://bugzilla.suse.com/712224"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2011-2988"
    },
    {
      "cve": "CVE-2011-2989",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2011-2989"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The browser engine in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, Thunderbird before 6, and possibly other products does not properly implement WebGL, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2011-2989",
          "url": "https://www.suse.com/security/cve/CVE-2011-2989"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 712224 for CVE-2011-2989",
          "url": "https://bugzilla.suse.com/712224"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2011-2989"
    },
    {
      "cve": "CVE-2011-2990",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2011-2990"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The implementation of Content Security Policy (CSP) violation reports in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, and possibly other products does not remove proxy-authorization credentials from the listed request headers, which allows attackers to obtain sensitive information by reading a report, related to incorrect host resolution that occurs with certain redirects.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2011-2990",
          "url": "https://www.suse.com/security/cve/CVE-2011-2990"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 712224 for CVE-2011-2990",
          "url": "https://bugzilla.suse.com/712224"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2011-2990"
    },
    {
      "cve": "CVE-2011-2993",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2011-2993"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The implementation of digital signatures for JAR files in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, and possibly other products does not prevent calls from unsigned JavaScript code to signed code, which allows remote attackers to bypass the Same Origin Policy and gain privileges via a crafted web site, a different vulnerability than CVE-2008-2801.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2011-2993",
          "url": "https://www.suse.com/security/cve/CVE-2011-2993"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 712224 for CVE-2011-2993",
          "url": "https://bugzilla.suse.com/712224"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2011-2993"
    },
    {
      "cve": "CVE-2011-2995",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2011-2995"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2011-2995",
          "url": "https://www.suse.com/security/cve/CVE-2011-2995"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 720264 for CVE-2011-2995",
          "url": "https://bugzilla.suse.com/720264"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2011-2995"
    },
    {
      "cve": "CVE-2011-3000",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2011-3000"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not properly handle HTTP responses that contain multiple Location, Content-Length, or Content-Disposition headers, which makes it easier for remote attackers to conduct HTTP response splitting attacks via crafted header values.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2011-3000",
          "url": "https://www.suse.com/security/cve/CVE-2011-3000"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 720264 for CVE-2011-3000",
          "url": "https://bugzilla.suse.com/720264"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2011-3000"
    },
    {
      "cve": "CVE-2011-3002",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2011-3002"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox before 7.0 and SeaMonkey before 2.4, does not validate the return value of a GrowAtomTable function call, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger a memory-allocation error and a resulting buffer overflow.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2011-3002",
          "url": "https://www.suse.com/security/cve/CVE-2011-3002"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 720264 for CVE-2011-3002",
          "url": "https://bugzilla.suse.com/720264"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2011-3002"
    },
    {
      "cve": "CVE-2011-3004",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2011-3004"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The JSSubScriptLoader in Mozilla Firefox 4.x through 6 and SeaMonkey before 2.4 does not properly handle XPCNativeWrappers during calls to the loadSubScript method in an add-on, which makes it easier for remote attackers to gain privileges via a crafted web site that leverages certain unwrapping behavior.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2011-3004",
          "url": "https://www.suse.com/security/cve/CVE-2011-3004"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 720264 for CVE-2011-3004",
          "url": "https://bugzilla.suse.com/720264"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2011-3004"
    },
    {
      "cve": "CVE-2011-3005",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2011-3005"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in Mozilla Firefox 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted OGG headers in a .ogg file.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2011-3005",
          "url": "https://www.suse.com/security/cve/CVE-2011-3005"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 720264 for CVE-2011-3005",
          "url": "https://bugzilla.suse.com/720264"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2011-3005"
    },
    {
      "cve": "CVE-2011-3026",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2011-3026"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2011-3026",
          "url": "https://www.suse.com/security/cve/CVE-2011-3026"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 747311 for CVE-2011-3026",
          "url": "https://bugzilla.suse.com/747311"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 747327 for CVE-2011-3026",
          "url": "https://bugzilla.suse.com/747327"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 747328 for CVE-2011-3026",
          "url": "https://bugzilla.suse.com/747328"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 773612 for CVE-2011-3026",
          "url": "https://bugzilla.suse.com/773612"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 854395 for CVE-2011-3026",
          "url": "https://bugzilla.suse.com/854395"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2011-3026"
    },
    {
      "cve": "CVE-2011-3062",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2011-3062"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Off-by-one error in the OpenType Sanitizer in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted OpenType file.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2011-3062",
          "url": "https://www.suse.com/security/cve/CVE-2011-3062"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 754458 for CVE-2011-3062",
          "url": "https://bugzilla.suse.com/754458"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 758408 for CVE-2011-3062",
          "url": "https://bugzilla.suse.com/758408"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2011-3062"
    },
    {
      "cve": "CVE-2011-3079",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2011-3079"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Inter-process Communication (IPC) implementation in Google Chrome before 18.0.1025.168, as used in Mozilla Firefox before 38.0 and other products, does not properly validate messages, which has unspecified impact and attack vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2011-3079",
          "url": "https://www.suse.com/security/cve/CVE-2011-3079"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1122983 for CVE-2011-3079",
          "url": "https://bugzilla.suse.com/1122983"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 760264 for CVE-2011-3079",
          "url": "https://bugzilla.suse.com/760264"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 930622 for CVE-2011-3079",
          "url": "https://bugzilla.suse.com/930622"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 986639 for CVE-2011-3079",
          "url": "https://bugzilla.suse.com/986639"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2011-3079"
    },
    {
      "cve": "CVE-2011-3232",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2011-3232"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "YARR, as used in Mozilla Firefox before 7.0, Thunderbird before 7.0, and SeaMonkey before 2.4, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted JavaScript.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2011-3232",
          "url": "https://www.suse.com/security/cve/CVE-2011-3232"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 720264 for CVE-2011-3232",
          "url": "https://bugzilla.suse.com/720264"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2011-3232"
    },
    {
      "cve": "CVE-2011-3648",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2011-3648"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 allows remote attackers to inject arbitrary web script or HTML via crafted text with Shift JIS encoding.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2011-3648",
          "url": "https://www.suse.com/security/cve/CVE-2011-3648"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2011-3648"
    },
    {
      "cve": "CVE-2011-3650",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2011-3650"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 do not properly handle JavaScript files that contain many functions, which allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted file that is accessed by debugging APIs, as demonstrated by Firebug.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2011-3650",
          "url": "https://www.suse.com/security/cve/CVE-2011-3650"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2011-3650"
    },
    {
      "cve": "CVE-2011-3651",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2011-3651"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 7.0 and Thunderbird 7.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2011-3651",
          "url": "https://www.suse.com/security/cve/CVE-2011-3651"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2011-3651"
    },
    {
      "cve": "CVE-2011-3655",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2011-3655"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox 4.x through 7.0 and Thunderbird 5.0 through 7.0 perform access control without checking for use of the NoWaiverWrapper wrapper, which allows remote attackers to gain privileges via a crafted web site.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2011-3655",
          "url": "https://www.suse.com/security/cve/CVE-2011-3655"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2011-3655"
    },
    {
      "cve": "CVE-2011-3658",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2011-3658"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The SVG implementation in Mozilla Firefox 8.0, Thunderbird 8.0, and SeaMonkey 2.5 does not properly interact with DOMAttrModified event handlers, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via vectors involving removal of SVG elements.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2011-3658",
          "url": "https://www.suse.com/security/cve/CVE-2011-3658"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 737533 for CVE-2011-3658",
          "url": "https://bugzilla.suse.com/737533"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 746591 for CVE-2011-3658",
          "url": "https://bugzilla.suse.com/746591"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 750044 for CVE-2011-3658",
          "url": "https://bugzilla.suse.com/750044"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2011-3658"
    },
    {
      "cve": "CVE-2011-3659",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2011-3659"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 might allow remote attackers to execute arbitrary code via vectors related to incorrect AttributeChildRemoved notifications that affect access to removed nsDOMAttribute child nodes.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2011-3659",
          "url": "https://www.suse.com/security/cve/CVE-2011-3659"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 744275 for CVE-2011-3659",
          "url": "https://bugzilla.suse.com/744275"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2011-3659"
    },
    {
      "cve": "CVE-2011-3660",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2011-3660"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors that trigger a compartment mismatch associated with the nsDOMMessageEvent::GetData function, and unknown other vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2011-3660",
          "url": "https://www.suse.com/security/cve/CVE-2011-3660"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 737533 for CVE-2011-3660",
          "url": "https://bugzilla.suse.com/737533"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2011-3660"
    },
    {
      "cve": "CVE-2011-3661",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2011-3661"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "YARR, as used in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted JavaScript.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2011-3661",
          "url": "https://www.suse.com/security/cve/CVE-2011-3661"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 737533 for CVE-2011-3661",
          "url": "https://bugzilla.suse.com/737533"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2011-3661"
    },
    {
      "cve": "CVE-2011-3663",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2011-3663"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote attackers to capture keystrokes entered on a web page, even when JavaScript is disabled, by using SVG animation accessKey events within that web page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2011-3663",
          "url": "https://www.suse.com/security/cve/CVE-2011-3663"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 737533 for CVE-2011-3663",
          "url": "https://bugzilla.suse.com/737533"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2011-3663"
    },
    {
      "cve": "CVE-2012-0441",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-0441"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The ASN.1 decoder in the QuickDER decoder in Mozilla Network Security Services (NSS) before 3.13.4, as used in Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10, allows remote attackers to cause a denial of service (application crash) via a zero-length item, as demonstrated by (1) a zero-length basic constraint or (2) a zero-length field in an OCSP response.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-0441",
          "url": "https://www.suse.com/security/cve/CVE-2012-0441"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 765204 for CVE-2012-0441",
          "url": "https://bugzilla.suse.com/765204"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-0441"
    },
    {
      "cve": "CVE-2012-0442",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-0442"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-0442",
          "url": "https://www.suse.com/security/cve/CVE-2012-0442"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 744275 for CVE-2012-0442",
          "url": "https://bugzilla.suse.com/744275"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-0442"
    },
    {
      "cve": "CVE-2012-0444",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-0444"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Ogg Vorbis file.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-0444",
          "url": "https://www.suse.com/security/cve/CVE-2012-0444"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 744275 for CVE-2012-0444",
          "url": "https://bugzilla.suse.com/744275"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 747912 for CVE-2012-0444",
          "url": "https://bugzilla.suse.com/747912"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-0444"
    },
    {
      "cve": "CVE-2012-0445",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-0445"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to bypass the HTML5 frame-navigation policy and replace arbitrary sub-frames by creating a form submission target with a sub-frame\u0027s name attribute.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-0445",
          "url": "https://www.suse.com/security/cve/CVE-2012-0445"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 744275 for CVE-2012-0445",
          "url": "https://bugzilla.suse.com/744275"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2012-0445"
    },
    {
      "cve": "CVE-2012-0446",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-0446"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to inject arbitrary web script or HTML via a (1) web page or (2) Firefox extension, related to improper enforcement of XPConnect security restrictions for frame scripts that call untrusted objects.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-0446",
          "url": "https://www.suse.com/security/cve/CVE-2012-0446"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 744275 for CVE-2012-0446",
          "url": "https://bugzilla.suse.com/744275"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2012-0446"
    },
    {
      "cve": "CVE-2012-0447",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-0447"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize data for image/vnd.microsoft.icon images, which allows remote attackers to obtain potentially sensitive information by reading a PNG image that was created through conversion from an ICO image.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-0447",
          "url": "https://www.suse.com/security/cve/CVE-2012-0447"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 744275 for CVE-2012-0447",
          "url": "https://bugzilla.suse.com/744275"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2012-0447"
    },
    {
      "cve": "CVE-2012-0449",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-0449"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a malformed XSLT stylesheet that is embedded in a document.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-0449",
          "url": "https://www.suse.com/security/cve/CVE-2012-0449"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 744275 for CVE-2012-0449",
          "url": "https://bugzilla.suse.com/744275"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-0449"
    },
    {
      "cve": "CVE-2012-0451",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-0451"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "CRLF injection vulnerability in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allows remote web servers to bypass intended Content Security Policy (CSP) restrictions and possibly conduct cross-site scripting (XSS) attacks via crafted HTTP headers.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-0451",
          "url": "https://www.suse.com/security/cve/CVE-2012-0451"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 746591 for CVE-2012-0451",
          "url": "https://bugzilla.suse.com/746591"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 750044 for CVE-2012-0451",
          "url": "https://bugzilla.suse.com/750044"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 752168 for CVE-2012-0451",
          "url": "https://bugzilla.suse.com/752168"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2012-0451"
    },
    {
      "cve": "CVE-2012-0452",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-0452"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in Mozilla Firefox 10.x before 10.0.1, Thunderbird 10.x before 10.0.1, and SeaMonkey 2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger failure of an nsXBLDocumentInfo::ReadPrototypeBindings function call, related to the cycle collector\u0027s access to a hash table containing a stale XBL binding.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-0452",
          "url": "https://www.suse.com/security/cve/CVE-2012-0452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 746616 for CVE-2012-0452",
          "url": "https://bugzilla.suse.com/746616"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 746663 for CVE-2012-0452",
          "url": "https://bugzilla.suse.com/746663"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2012-0452"
    },
    {
      "cve": "CVE-2012-0455",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-0455"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 do not properly restrict drag-and-drop operations on javascript: URLs, which allows user-assisted remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web page, related to a \"DragAndDropJacking\" issue.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-0455",
          "url": "https://www.suse.com/security/cve/CVE-2012-0455"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 746591 for CVE-2012-0455",
          "url": "https://bugzilla.suse.com/746591"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 750044 for CVE-2012-0455",
          "url": "https://bugzilla.suse.com/750044"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 752168 for CVE-2012-0455",
          "url": "https://bugzilla.suse.com/752168"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2012-0455"
    },
    {
      "cve": "CVE-2012-0456",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-0456"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The SVG Filters implementation in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 might allow remote attackers to obtain sensitive information from process memory via vectors that trigger an out-of-bounds read.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-0456",
          "url": "https://www.suse.com/security/cve/CVE-2012-0456"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 746591 for CVE-2012-0456",
          "url": "https://bugzilla.suse.com/746591"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 750044 for CVE-2012-0456",
          "url": "https://bugzilla.suse.com/750044"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 752168 for CVE-2012-0456",
          "url": "https://bugzilla.suse.com/752168"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2012-0456"
    },
    {
      "cve": "CVE-2012-0458",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-0458"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 do not properly restrict setting the home page through the dragging of a URL to the home button, which allows user-assisted remote attackers to execute arbitrary JavaScript code with chrome privileges via a javascript: URL that is later interpreted in the about:sessionrestore context.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-0458",
          "url": "https://www.suse.com/security/cve/CVE-2012-0458"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 746591 for CVE-2012-0458",
          "url": "https://bugzilla.suse.com/746591"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 750044 for CVE-2012-0458",
          "url": "https://bugzilla.suse.com/750044"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 752168 for CVE-2012-0458",
          "url": "https://bugzilla.suse.com/752168"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2012-0458"
    },
    {
      "cve": "CVE-2012-0459",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-0459"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Cascading Style Sheets (CSS) implementation in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via dynamic modification of a keyframe followed by access to the cssText of the keyframe.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-0459",
          "url": "https://www.suse.com/security/cve/CVE-2012-0459"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 746591 for CVE-2012-0459",
          "url": "https://bugzilla.suse.com/746591"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 750044 for CVE-2012-0459",
          "url": "https://bugzilla.suse.com/750044"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 752168 for CVE-2012-0459",
          "url": "https://bugzilla.suse.com/752168"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2012-0459"
    },
    {
      "cve": "CVE-2012-0460",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-0460"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 do not properly restrict write access to the window.fullScreen object, which allows remote attackers to spoof the user interface via a crafted web page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-0460",
          "url": "https://www.suse.com/security/cve/CVE-2012-0460"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 746591 for CVE-2012-0460",
          "url": "https://bugzilla.suse.com/746591"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 750044 for CVE-2012-0460",
          "url": "https://bugzilla.suse.com/750044"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 752168 for CVE-2012-0460",
          "url": "https://bugzilla.suse.com/752168"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2012-0460"
    },
    {
      "cve": "CVE-2012-0461",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-0461"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-0461",
          "url": "https://www.suse.com/security/cve/CVE-2012-0461"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 746591 for CVE-2012-0461",
          "url": "https://bugzilla.suse.com/746591"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 750044 for CVE-2012-0461",
          "url": "https://bugzilla.suse.com/750044"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 752168 for CVE-2012-0461",
          "url": "https://bugzilla.suse.com/752168"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2012-0461"
    },
    {
      "cve": "CVE-2012-0463",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-0463"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The nsWindow implementation in the browser engine in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 does not check the validity of an instance after event dispatching, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, as demonstrated by Mobile Firefox on Android.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-0463",
          "url": "https://www.suse.com/security/cve/CVE-2012-0463"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 746591 for CVE-2012-0463",
          "url": "https://bugzilla.suse.com/746591"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 750044 for CVE-2012-0463",
          "url": "https://bugzilla.suse.com/750044"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 752168 for CVE-2012-0463",
          "url": "https://bugzilla.suse.com/752168"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2012-0463"
    },
    {
      "cve": "CVE-2012-0467",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-0467"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-0467",
          "url": "https://www.suse.com/security/cve/CVE-2012-0467"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 758408 for CVE-2012-0467",
          "url": "https://bugzilla.suse.com/758408"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-0467"
    },
    {
      "cve": "CVE-2012-0469",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-0469"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the mozilla::dom::indexedDB::IDBKeyRange::cycleCollection::Trace function in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to execute arbitrary code via vectors related to crafted IndexedDB data.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-0469",
          "url": "https://www.suse.com/security/cve/CVE-2012-0469"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 758408 for CVE-2012-0469",
          "url": "https://bugzilla.suse.com/758408"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-0469"
    },
    {
      "cve": "CVE-2012-0470",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-0470"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap-based buffer overflow in the nsSVGFEDiffuseLightingElement::LightPixel function in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to cause a denial of service (invalid gfxImageSurface free operation) or possibly execute arbitrary code by leveraging the use of \"different number systems.\"",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-0470",
          "url": "https://www.suse.com/security/cve/CVE-2012-0470"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 758408 for CVE-2012-0470",
          "url": "https://bugzilla.suse.com/758408"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-0470"
    },
    {
      "cve": "CVE-2012-0471",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-0471"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Cross-site scripting (XSS) vulnerability in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to inject arbitrary web script or HTML via a multibyte character set.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-0471",
          "url": "https://www.suse.com/security/cve/CVE-2012-0471"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 758408 for CVE-2012-0471",
          "url": "https://bugzilla.suse.com/758408"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-0471"
    },
    {
      "cve": "CVE-2012-0472",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-0472"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The cairo-dwrite implementation in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9, when certain Windows Vista and Windows 7 configurations are used, does not properly restrict font-rendering attempts, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-0472",
          "url": "https://www.suse.com/security/cve/CVE-2012-0472"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 758408 for CVE-2012-0472",
          "url": "https://bugzilla.suse.com/758408"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-0472"
    },
    {
      "cve": "CVE-2012-0473",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-0473"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The WebGLBuffer::FindMaxUshortElement function in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 calls the FindMaxElementInSubArray function with incorrect template arguments, which allows remote attackers to obtain sensitive information from video memory via a crafted WebGL.drawElements call.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-0473",
          "url": "https://www.suse.com/security/cve/CVE-2012-0473"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 758408 for CVE-2012-0473",
          "url": "https://bugzilla.suse.com/758408"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-0473"
    },
    {
      "cve": "CVE-2012-0474",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-0474"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Cross-site scripting (XSS) vulnerability in the docshell implementation in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to inject arbitrary web script or HTML via vectors related to short-circuited page loads, aka \"Universal XSS (UXSS).\"",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-0474",
          "url": "https://www.suse.com/security/cve/CVE-2012-0474"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 758408 for CVE-2012-0474",
          "url": "https://bugzilla.suse.com/758408"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-0474"
    },
    {
      "cve": "CVE-2012-0475",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-0475"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox 4.x through 11.0, Thunderbird 5.0 through 11.0, and SeaMonkey before 2.9 do not properly construct the Origin and Sec-WebSocket-Origin HTTP headers, which might allow remote attackers to bypass an IPv6 literal ACL via a cross-site (1) XMLHttpRequest or (2) WebSocket operation involving a nonstandard port number and an IPv6 address that contains certain zero fields.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-0475",
          "url": "https://www.suse.com/security/cve/CVE-2012-0475"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 758408 for CVE-2012-0475",
          "url": "https://bugzilla.suse.com/758408"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-0475"
    },
    {
      "cve": "CVE-2012-0477",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-0477"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to inject arbitrary web script or HTML via the (1) ISO-2022-KR or (2) ISO-2022-CN character set.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-0477",
          "url": "https://www.suse.com/security/cve/CVE-2012-0477"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 758408 for CVE-2012-0477",
          "url": "https://bugzilla.suse.com/758408"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-0477"
    },
    {
      "cve": "CVE-2012-0478",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-0478"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The texImage2D implementation in the WebGL subsystem in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 does not properly restrict JSVAL_TO_OBJECT casts, which might allow remote attackers to execute arbitrary code via a crafted web page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-0478",
          "url": "https://www.suse.com/security/cve/CVE-2012-0478"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 758408 for CVE-2012-0478",
          "url": "https://bugzilla.suse.com/758408"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-0478"
    },
    {
      "cve": "CVE-2012-0479",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-0479"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to spoof the address bar via an https URL for invalid (1) RSS or (2) Atom XML content.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-0479",
          "url": "https://www.suse.com/security/cve/CVE-2012-0479"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 758408 for CVE-2012-0479",
          "url": "https://bugzilla.suse.com/758408"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-0479"
    },
    {
      "cve": "CVE-2012-0759",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-0759"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0771.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-0759",
          "url": "https://www.suse.com/security/cve/CVE-2012-0759"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 796895 for CVE-2012-0759",
          "url": "https://bugzilla.suse.com/796895"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-0759"
    },
    {
      "cve": "CVE-2012-1938",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-1938"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 13.0, Thunderbird before 13.0, and SeaMonkey before 2.10 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) methodjit/ImmutableSync.cpp, (2) the JSObject::makeDenseArraySlow function in js/src/jsarray.cpp, and unknown other components.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-1938",
          "url": "https://www.suse.com/security/cve/CVE-2012-1938"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 765204 for CVE-2012-1938",
          "url": "https://bugzilla.suse.com/765204"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-1938"
    },
    {
      "cve": "CVE-2012-1944",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-1944"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Content Security Policy (CSP) implementation in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 does not block inline event handlers, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted HTML document.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-1944",
          "url": "https://www.suse.com/security/cve/CVE-2012-1944"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 765204 for CVE-2012-1944",
          "url": "https://bugzilla.suse.com/765204"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2012-1944"
    },
    {
      "cve": "CVE-2012-1945",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-1945"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allow local users to obtain sensitive information via an HTML document that loads a shortcut (aka .lnk) file for display within an IFRAME element, as demonstrated by a network share implemented by (1) Microsoft Windows or (2) Samba.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-1945",
          "url": "https://www.suse.com/security/cve/CVE-2012-1945"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 765204 for CVE-2012-1945",
          "url": "https://bugzilla.suse.com/765204"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2012-1945"
    },
    {
      "cve": "CVE-2012-1946",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-1946"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the nsINode::ReplaceOrInsertBefore function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 might allow remote attackers to execute arbitrary code via document changes involving replacement or insertion of a node.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-1946",
          "url": "https://www.suse.com/security/cve/CVE-2012-1946"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 765204 for CVE-2012-1946",
          "url": "https://bugzilla.suse.com/765204"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-1946"
    },
    {
      "cve": "CVE-2012-1947",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-1947"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap-based buffer overflow in the utf16_to_isolatin1 function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code via vectors that trigger a character-set conversion failure.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-1947",
          "url": "https://www.suse.com/security/cve/CVE-2012-1947"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 765204 for CVE-2012-1947",
          "url": "https://bugzilla.suse.com/765204"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-1947"
    },
    {
      "cve": "CVE-2012-1949",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-1949"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 13.0, Thunderbird 5.0 through 13.0, and SeaMonkey before 2.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-1949",
          "url": "https://www.suse.com/security/cve/CVE-2012-1949"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 771583 for CVE-2012-1949",
          "url": "https://bugzilla.suse.com/771583"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-1949"
    },
    {
      "cve": "CVE-2012-1950",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-1950"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The drag-and-drop implementation in Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 allows remote attackers to spoof the address bar by canceling a page load.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-1950",
          "url": "https://www.suse.com/security/cve/CVE-2012-1950"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 771583 for CVE-2012-1950",
          "url": "https://bugzilla.suse.com/771583"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-1950"
    },
    {
      "cve": "CVE-2012-1951",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-1951"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the nsSMILTimeValueSpec::IsEventBased function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code by interacting with objects used for SMIL Timing.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-1951",
          "url": "https://www.suse.com/security/cve/CVE-2012-1951"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 771583 for CVE-2012-1951",
          "url": "https://bugzilla.suse.com/771583"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-1951"
    },
    {
      "cve": "CVE-2012-1955",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-1955"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allow remote attackers to spoof the address bar via vectors involving history.forward and history.back calls.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-1955",
          "url": "https://www.suse.com/security/cve/CVE-2012-1955"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 771583 for CVE-2012-1955",
          "url": "https://bugzilla.suse.com/771583"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-1955"
    },
    {
      "cve": "CVE-2012-1956",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-1956"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12 do not prevent use of the Object.defineProperty method to shadow the location object (aka window.location), which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving a plugin.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-1956",
          "url": "https://www.suse.com/security/cve/CVE-2012-1956"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 777588 for CVE-2012-1956",
          "url": "https://bugzilla.suse.com/777588"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2012-1956"
    },
    {
      "cve": "CVE-2012-1957",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-1957"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An unspecified parser-utility class in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly handle EMBED elements within description elements in RSS feeds, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a feed.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-1957",
          "url": "https://www.suse.com/security/cve/CVE-2012-1957"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 771583 for CVE-2012-1957",
          "url": "https://bugzilla.suse.com/771583"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-1957"
    },
    {
      "cve": "CVE-2012-1958",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-1958"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the nsGlobalWindow::PageHidden function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 might allow remote attackers to execute arbitrary code via vectors related to focused content.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-1958",
          "url": "https://www.suse.com/security/cve/CVE-2012-1958"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 771583 for CVE-2012-1958",
          "url": "https://bugzilla.suse.com/771583"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-1958"
    },
    {
      "cve": "CVE-2012-1959",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-1959"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not consider the presence of same-compartment security wrappers (SCSW) during the cross-compartment wrapping of objects, which allows remote attackers to bypass intended XBL access restrictions via crafted content.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-1959",
          "url": "https://www.suse.com/security/cve/CVE-2012-1959"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 771583 for CVE-2012-1959",
          "url": "https://bugzilla.suse.com/771583"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-1959"
    },
    {
      "cve": "CVE-2012-1960",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-1960"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The qcms_transform_data_rgb_out_lut_sse2 function in the QCMS implementation in Mozilla Firefox 4.x through 13.0, Thunderbird 5.0 through 13.0, and SeaMonkey before 2.11 might allow remote attackers to obtain sensitive information from process memory via a crafted color profile that triggers an out-of-bounds read operation.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-1960",
          "url": "https://www.suse.com/security/cve/CVE-2012-1960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 771583 for CVE-2012-1960",
          "url": "https://bugzilla.suse.com/771583"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2012-1960"
    },
    {
      "cve": "CVE-2012-1961",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-1961"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not properly handle duplicate values in X-Frame-Options headers, which makes it easier for remote attackers to conduct clickjacking attacks via a FRAME element referencing a web site that produces these duplicate values.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-1961",
          "url": "https://www.suse.com/security/cve/CVE-2012-1961"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 771583 for CVE-2012-1961",
          "url": "https://bugzilla.suse.com/771583"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-1961"
    },
    {
      "cve": "CVE-2012-1962",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-1962"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the JSDependentString::undepend function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors involving strings with multiple dependencies.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-1962",
          "url": "https://www.suse.com/security/cve/CVE-2012-1962"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 771583 for CVE-2012-1962",
          "url": "https://bugzilla.suse.com/771583"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-1962"
    },
    {
      "cve": "CVE-2012-1963",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-1963"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Content Security Policy (CSP) functionality in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly restrict the strings placed into the blocked-uri parameter of a violation report, which allows remote web servers to capture OpenID credentials and OAuth 2.0 access tokens by triggering a violation.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-1963",
          "url": "https://www.suse.com/security/cve/CVE-2012-1963"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 771583 for CVE-2012-1963",
          "url": "https://bugzilla.suse.com/771583"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-1963"
    },
    {
      "cve": "CVE-2012-1965",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-1965"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 do not properly establish the security context of a feed: URL, which allows remote attackers to bypass unspecified cross-site scripting (XSS) protection mechanisms via a feed:javascript: URL.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-1965",
          "url": "https://www.suse.com/security/cve/CVE-2012-1965"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 771583 for CVE-2012-1965",
          "url": "https://bugzilla.suse.com/771583"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-1965"
    },
    {
      "cve": "CVE-2012-1966",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-1966"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 do not have the same context-menu restrictions for data: URLs as for javascript: URLs, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted URL.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-1966",
          "url": "https://www.suse.com/security/cve/CVE-2012-1966"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 771583 for CVE-2012-1966",
          "url": "https://bugzilla.suse.com/771583"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-1966"
    },
    {
      "cve": "CVE-2012-1967",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-1967"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not properly implement the JavaScript sandbox utility, which allows remote attackers to execute arbitrary JavaScript code with improper privileges via a javascript: URL.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-1967",
          "url": "https://www.suse.com/security/cve/CVE-2012-1967"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 771583 for CVE-2012-1967",
          "url": "https://bugzilla.suse.com/771583"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-1967"
    },
    {
      "cve": "CVE-2012-1970",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-1970"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-1970",
          "url": "https://www.suse.com/security/cve/CVE-2012-1970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 777588 for CVE-2012-1970",
          "url": "https://bugzilla.suse.com/777588"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-1970"
    },
    {
      "cve": "CVE-2012-1972",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-1972"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the nsHTMLEditor::CollapseAdjacentTextNodes function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-1972",
          "url": "https://www.suse.com/security/cve/CVE-2012-1972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 777588 for CVE-2012-1972",
          "url": "https://bugzilla.suse.com/777588"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-1972"
    },
    {
      "cve": "CVE-2012-1976",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-1976"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the nsHTMLSelectElement::SubmitNamesValues function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-1976",
          "url": "https://www.suse.com/security/cve/CVE-2012-1976"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 777588 for CVE-2012-1976",
          "url": "https://bugzilla.suse.com/777588"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-1976"
    },
    {
      "cve": "CVE-2012-3960",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-3960"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the mozSpellChecker::SetCurrentDictionary function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-3960",
          "url": "https://www.suse.com/security/cve/CVE-2012-3960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 777588 for CVE-2012-3960",
          "url": "https://bugzilla.suse.com/777588"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-3960"
    },
    {
      "cve": "CVE-2012-3965",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-3965"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 15.0 does not properly restrict navigation to the about:newtab page, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site that triggers creation of a new tab and then a new window.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-3965",
          "url": "https://www.suse.com/security/cve/CVE-2012-3965"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 777588 for CVE-2012-3965",
          "url": "https://bugzilla.suse.com/777588"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-3965"
    },
    {
      "cve": "CVE-2012-3966",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-3966"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a negative height value in a BMP image within a .ICO file, related to (1) improper handling of the transparency bitmask by the nsICODecoder component and (2) improper processing of the alpha channel by the nsBMPDecoder component.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-3966",
          "url": "https://www.suse.com/security/cve/CVE-2012-3966"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 777588 for CVE-2012-3966",
          "url": "https://bugzilla.suse.com/777588"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-3966"
    },
    {
      "cve": "CVE-2012-3967",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-3967"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The WebGL implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 on Linux, when a large number of sampler uniforms are used, does not properly interact with Mesa drivers, which allows remote attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via a crafted web site.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-3967",
          "url": "https://www.suse.com/security/cve/CVE-2012-3967"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 777588 for CVE-2012-3967",
          "url": "https://bugzilla.suse.com/777588"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-3967"
    },
    {
      "cve": "CVE-2012-3969",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-3969"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Integer overflow in the nsSVGFEMorphologyElement::Filter function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via a crafted SVG filter that triggers an incorrect sum calculation, leading to a heap-based buffer overflow.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-3969",
          "url": "https://www.suse.com/security/cve/CVE-2012-3969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 777588 for CVE-2012-3969",
          "url": "https://bugzilla.suse.com/777588"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-3969"
    },
    {
      "cve": "CVE-2012-3971",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-3971"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Summer Institute of Linguistics (SIL) Graphite 2, as used in Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to the (1) Silf::readClassMap and (2) Pass::readPass functions.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-3971",
          "url": "https://www.suse.com/security/cve/CVE-2012-3971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 777588 for CVE-2012-3971",
          "url": "https://bugzilla.suse.com/777588"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-3971"
    },
    {
      "cve": "CVE-2012-3972",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-3972"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The format-number functionality in the XSLT implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to obtain sensitive information via unspecified vectors that trigger a heap-based buffer over-read.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-3972",
          "url": "https://www.suse.com/security/cve/CVE-2012-3972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 777588 for CVE-2012-3972",
          "url": "https://bugzilla.suse.com/777588"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2012-3972"
    },
    {
      "cve": "CVE-2012-3973",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-3973"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The debugger in the developer-tools subsystem in Mozilla Firefox before 15.0, when remote debugging is disabled, does not properly restrict access to the remote-debugging service, which allows remote attackers to execute arbitrary code by leveraging the presence of the HTTPMonitor extension and connecting to that service through the HTTPMonitor port.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-3973",
          "url": "https://www.suse.com/security/cve/CVE-2012-3973"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 777588 for CVE-2012-3973",
          "url": "https://bugzilla.suse.com/777588"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2012-3973"
    },
    {
      "cve": "CVE-2012-3975",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-3975"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The DOMParser component in Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12 loads subresources during parsing of text/html data within an extension, which allows remote attackers to obtain sensitive information by providing crafted data to privileged extension code.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-3975",
          "url": "https://www.suse.com/security/cve/CVE-2012-3975"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 777588 for CVE-2012-3975",
          "url": "https://bugzilla.suse.com/777588"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2012-3975"
    },
    {
      "cve": "CVE-2012-3976",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-3976"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, and SeaMonkey before 2.12 do not properly handle onLocationChange events during navigation between different https sites, which allows remote attackers to spoof the X.509 certificate information in the address bar via a crafted web page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-3976",
          "url": "https://www.suse.com/security/cve/CVE-2012-3976"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 777588 for CVE-2012-3976",
          "url": "https://bugzilla.suse.com/777588"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2012-3976"
    },
    {
      "cve": "CVE-2012-3978",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-3978"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The nsLocation::CheckURL function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 does not properly follow the security model of the location object, which allows remote attackers to bypass intended content-loading restrictions or possibly have unspecified other impact via vectors involving chrome code.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-3978",
          "url": "https://www.suse.com/security/cve/CVE-2012-3978"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 777588 for CVE-2012-3978",
          "url": "https://bugzilla.suse.com/777588"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2012-3978"
    },
    {
      "cve": "CVE-2012-3980",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-3980"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The web console in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, and Thunderbird ESR 10.x before 10.0.7 allows user-assisted remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site that injects this code and triggers an eval operation.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-3980",
          "url": "https://www.suse.com/security/cve/CVE-2012-3980"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 777588 for CVE-2012-3980",
          "url": "https://bugzilla.suse.com/777588"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-3980"
    },
    {
      "cve": "CVE-2012-3982",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-3982"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-3982",
          "url": "https://www.suse.com/security/cve/CVE-2012-3982"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 783533 for CVE-2012-3982",
          "url": "https://bugzilla.suse.com/783533"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-3982"
    },
    {
      "cve": "CVE-2012-3984",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-3984"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly handle navigation away from a web page that has a SELECT element\u0027s menu active, which allows remote attackers to spoof page content via vectors involving absolute positioning and scrolling.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-3984",
          "url": "https://www.suse.com/security/cve/CVE-2012-3984"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 783533 for CVE-2012-3984",
          "url": "https://bugzilla.suse.com/783533"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2012-3984"
    },
    {
      "cve": "CVE-2012-3985",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-3985"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly implement the HTML5 Same Origin Policy, which allows remote attackers to conduct cross-site scripting (XSS) attacks by leveraging initial-origin access after document.domain has been set.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-3985",
          "url": "https://www.suse.com/security/cve/CVE-2012-3985"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 783533 for CVE-2012-3985",
          "url": "https://bugzilla.suse.com/783533"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2012-3985"
    },
    {
      "cve": "CVE-2012-3986",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-3986"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly restrict calls to DOMWindowUtils (aka nsDOMWindowUtils) methods, which allows remote attackers to bypass intended access restrictions via crafted JavaScript code.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-3986",
          "url": "https://www.suse.com/security/cve/CVE-2012-3986"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 783533 for CVE-2012-3986",
          "url": "https://bugzilla.suse.com/783533"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-3986"
    },
    {
      "cve": "CVE-2012-3988",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-3988"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 might allow user-assisted remote attackers to execute arbitrary code via vectors involving use of mozRequestFullScreen to enter full-screen mode, and use of the history.back method for backwards history navigation.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-3988",
          "url": "https://www.suse.com/security/cve/CVE-2012-3988"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 783533 for CVE-2012-3988",
          "url": "https://bugzilla.suse.com/783533"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-3988"
    },
    {
      "cve": "CVE-2012-3989",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-3989"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly perform a cast of an unspecified variable during use of the instanceof operator on a JavaScript object, which allows remote attackers to execute arbitrary code or cause a denial of service (assertion failure) via a crafted web site.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-3989",
          "url": "https://www.suse.com/security/cve/CVE-2012-3989"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 783533 for CVE-2012-3989",
          "url": "https://bugzilla.suse.com/783533"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-3989"
    },
    {
      "cve": "CVE-2012-3990",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-3990"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the IME State Manager implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors, related to the nsIContent::GetNameSpaceID function.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-3990",
          "url": "https://www.suse.com/security/cve/CVE-2012-3990"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 783533 for CVE-2012-3990",
          "url": "https://bugzilla.suse.com/783533"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-3990"
    },
    {
      "cve": "CVE-2012-3991",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-3991"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly restrict JSAPI access to the GetProperty function, which allows remote attackers to bypass the Same Origin Policy and possibly have unspecified other impact via a crafted web site.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-3991",
          "url": "https://www.suse.com/security/cve/CVE-2012-3991"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 783533 for CVE-2012-3991",
          "url": "https://bugzilla.suse.com/783533"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-3991"
    },
    {
      "cve": "CVE-2012-3992",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-3992"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly manage history data, which allows remote attackers to conduct cross-site scripting (XSS) attacks or obtain sensitive POST content via vectors involving a location.hash write operation and history navigation that triggers the loading of a URL into the history object.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-3992",
          "url": "https://www.suse.com/security/cve/CVE-2012-3992"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 783533 for CVE-2012-3992",
          "url": "https://bugzilla.suse.com/783533"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-3992"
    },
    {
      "cve": "CVE-2012-3993",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-3993"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 does not properly interact with failures of InstallTrigger methods, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site, related to an \"XrayWrapper pollution\" issue.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-3993",
          "url": "https://www.suse.com/security/cve/CVE-2012-3993"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 783533 for CVE-2012-3993",
          "url": "https://bugzilla.suse.com/783533"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-3993"
    },
    {
      "cve": "CVE-2012-3994",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-3994"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allow remote attackers to conduct cross-site scripting (XSS) attacks via a binary plugin that uses Object.defineProperty to shadow the top object, and leverages the relationship between top.location and the location property.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-3994",
          "url": "https://www.suse.com/security/cve/CVE-2012-3994"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 783533 for CVE-2012-3994",
          "url": "https://bugzilla.suse.com/783533"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-3994"
    },
    {
      "cve": "CVE-2012-3995",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-3995"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The IsCSSWordSpacingSpace function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-3995",
          "url": "https://www.suse.com/security/cve/CVE-2012-3995"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 783533 for CVE-2012-3995",
          "url": "https://bugzilla.suse.com/783533"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-3995"
    },
    {
      "cve": "CVE-2012-4181",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-4181"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the nsSMILAnimationController::DoSample function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-4181",
          "url": "https://www.suse.com/security/cve/CVE-2012-4181"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 783533 for CVE-2012-4181",
          "url": "https://bugzilla.suse.com/783533"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-4181"
    },
    {
      "cve": "CVE-2012-4185",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-4185"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Buffer overflow in the nsCharTraits::length function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-4185",
          "url": "https://www.suse.com/security/cve/CVE-2012-4185"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 783533 for CVE-2012-4185",
          "url": "https://bugzilla.suse.com/783533"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-4185"
    },
    {
      "cve": "CVE-2012-4188",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-4188"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap-based buffer overflow in the Convolve3x3 function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-4188",
          "url": "https://www.suse.com/security/cve/CVE-2012-4188"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 783533 for CVE-2012-4188",
          "url": "https://bugzilla.suse.com/783533"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-4188"
    },
    {
      "cve": "CVE-2012-4191",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-4191"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The mozilla::net::FailDelayManager::Lookup function in the WebSockets implementation in Mozilla Firefox before 16.0.1, Thunderbird before 16.0.1, and SeaMonkey before 2.13.1 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-4191",
          "url": "https://www.suse.com/security/cve/CVE-2012-4191"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-4191"
    },
    {
      "cve": "CVE-2012-4192",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-4192"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox 16.0, Thunderbird 16.0, and SeaMonkey 2.13 allow remote attackers to bypass the Same Origin Policy and read the properties of a Location object via a crafted web site, a related issue to CVE-2012-4193.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-4192",
          "url": "https://www.suse.com/security/cve/CVE-2012-4192"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2012-4192"
    },
    {
      "cve": "CVE-2012-4194",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-4194"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 do not prevent use of the valueOf method to shadow the location object (aka window.location), which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving a plugin.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-4194",
          "url": "https://www.suse.com/security/cve/CVE-2012-4194"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 786522 for CVE-2012-4194",
          "url": "https://bugzilla.suse.com/786522"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2012-4194"
    },
    {
      "cve": "CVE-2012-4201",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-4201"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The evalInSandbox implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 uses an incorrect context during the handling of JavaScript code that sets the location.href property, which allows remote attackers to conduct cross-site scripting (XSS) attacks or read arbitrary files by leveraging a sandboxed add-on.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-4201",
          "url": "https://www.suse.com/security/cve/CVE-2012-4201"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 790140 for CVE-2012-4201",
          "url": "https://bugzilla.suse.com/790140"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2012-4201"
    },
    {
      "cve": "CVE-2012-4202",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-4202"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap-based buffer overflow in the image::RasterImage::DrawFrameTo function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via a crafted GIF image.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-4202",
          "url": "https://www.suse.com/security/cve/CVE-2012-4202"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 790140 for CVE-2012-4202",
          "url": "https://bugzilla.suse.com/790140"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-4202"
    },
    {
      "cve": "CVE-2012-4203",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-4203"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The New Tab page in Mozilla Firefox before 17.0 uses a privileged context for execution of JavaScript code by bookmarklets, which allows user-assisted remote attackers to run arbitrary programs by leveraging a javascript: URL in a bookmark.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-4203",
          "url": "https://www.suse.com/security/cve/CVE-2012-4203"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 790140 for CVE-2012-4203",
          "url": "https://bugzilla.suse.com/790140"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2012-4203"
    },
    {
      "cve": "CVE-2012-4204",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-4204"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The str_unescape function in the JavaScript engine in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-4204",
          "url": "https://www.suse.com/security/cve/CVE-2012-4204"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 790140 for CVE-2012-4204",
          "url": "https://bugzilla.suse.com/790140"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-4204"
    },
    {
      "cve": "CVE-2012-4205",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-4205"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 assign the system principal, rather than the sandbox principal, to XMLHttpRequest objects created in sandboxes, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks or obtain sensitive information by leveraging a sandboxed add-on.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-4205",
          "url": "https://www.suse.com/security/cve/CVE-2012-4205"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 790140 for CVE-2012-4205",
          "url": "https://bugzilla.suse.com/790140"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2012-4205"
    },
    {
      "cve": "CVE-2012-4207",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-4207"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The HZ-GB-2312 character-set implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 does not properly handle a ~ (tilde) character in proximity to a chunk delimiter, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted document.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-4207",
          "url": "https://www.suse.com/security/cve/CVE-2012-4207"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 790140 for CVE-2012-4207",
          "url": "https://bugzilla.suse.com/790140"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2012-4207"
    },
    {
      "cve": "CVE-2012-4208",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-4208"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The XrayWrapper implementation in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 does not consider the compartment during property filtering, which allows remote attackers to bypass intended chrome-only restrictions on reading DOM object properties via a crafted web site.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-4208",
          "url": "https://www.suse.com/security/cve/CVE-2012-4208"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 790140 for CVE-2012-4208",
          "url": "https://bugzilla.suse.com/790140"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2012-4208"
    },
    {
      "cve": "CVE-2012-4209",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-4209"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 do not prevent use of a \"top\" frame name-attribute value to access the location property, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving a binary plugin.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-4209",
          "url": "https://www.suse.com/security/cve/CVE-2012-4209"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 790140 for CVE-2012-4209",
          "url": "https://bugzilla.suse.com/790140"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2012-4209"
    },
    {
      "cve": "CVE-2012-4210",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-4210"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Style Inspector in Mozilla Firefox before 17.0 and Firefox ESR 10.x before 10.0.11 does not properly restrict the context of HTML markup and Cascading Style Sheets (CSS) token sequences, which allows user-assisted remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted stylesheet.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-4210",
          "url": "https://www.suse.com/security/cve/CVE-2012-4210"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 790140 for CVE-2012-4210",
          "url": "https://bugzilla.suse.com/790140"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-4210"
    },
    {
      "cve": "CVE-2012-4213",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-4213"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the nsEditor::FindNextLeafNode function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-4213",
          "url": "https://www.suse.com/security/cve/CVE-2012-4213"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 790140 for CVE-2012-4213",
          "url": "https://bugzilla.suse.com/790140"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-4213"
    },
    {
      "cve": "CVE-2012-4214",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-4214"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the nsTextEditorState::PrepareEditor function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-5840.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-4214",
          "url": "https://www.suse.com/security/cve/CVE-2012-4214"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 790140 for CVE-2012-4214",
          "url": "https://bugzilla.suse.com/790140"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-4214"
    },
    {
      "cve": "CVE-2012-5829",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-5829"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap-based buffer overflow in the nsWindow::OnExposeEvent function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via unspecified vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-5829",
          "url": "https://www.suse.com/security/cve/CVE-2012-5829"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 790140 for CVE-2012-5829",
          "url": "https://bugzilla.suse.com/790140"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 796895 for CVE-2012-5829",
          "url": "https://bugzilla.suse.com/796895"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-5829"
    },
    {
      "cve": "CVE-2012-5830",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-5830"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 on Mac OS X allows remote attackers to execute arbitrary code via an HTML document.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-5830",
          "url": "https://www.suse.com/security/cve/CVE-2012-5830"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 790140 for CVE-2012-5830",
          "url": "https://bugzilla.suse.com/790140"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2012-5830"
    },
    {
      "cve": "CVE-2012-5836",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-5836"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving the setting of Cascading Style Sheets (CSS) properties in conjunction with SVG text.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-5836",
          "url": "https://www.suse.com/security/cve/CVE-2012-5836"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 790140 for CVE-2012-5836",
          "url": "https://bugzilla.suse.com/790140"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2012-5836"
    },
    {
      "cve": "CVE-2012-5837",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-5837"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Web Developer Toolbar in Mozilla Firefox before 17.0 executes script with chrome privileges, which allows user-assisted remote attackers to conduct cross-site scripting (XSS) attacks via a crafted string.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-5837",
          "url": "https://www.suse.com/security/cve/CVE-2012-5837"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 790140 for CVE-2012-5837",
          "url": "https://bugzilla.suse.com/790140"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2012-5837"
    },
    {
      "cve": "CVE-2012-5841",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-5841"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 implement cross-origin wrappers with a filtering behavior that does not properly restrict write actions, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-5841",
          "url": "https://www.suse.com/security/cve/CVE-2012-5841"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 790140 for CVE-2012-5841",
          "url": "https://bugzilla.suse.com/790140"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2012-5841"
    },
    {
      "cve": "CVE-2012-5842",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-5842"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-5842",
          "url": "https://www.suse.com/security/cve/CVE-2012-5842"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 790140 for CVE-2012-5842",
          "url": "https://bugzilla.suse.com/790140"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2012-5842"
    },
    {
      "cve": "CVE-2013-0743",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-0743"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: none.  Reason: This candidate was withdrawn by its CNA at the suggestion of the CVE project team.  The candidate had been associated with a correct report of a security problem, but not a problem that is categorized as a vulnerability within CVE.  Compromised or unauthorized SSL certificates are not within CVE\u0027s scope.  Notes: none.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-0743",
          "url": "https://www.suse.com/security/cve/CVE-2013-0743"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 796895 for CVE-2013-0743",
          "url": "https://bugzilla.suse.com/796895"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-0743"
    },
    {
      "cve": "CVE-2013-0744",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-0744"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the TableBackgroundPainter::TableBackgroundData::Destroy function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an HTML document with a table containing many columns and column groups.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-0744",
          "url": "https://www.suse.com/security/cve/CVE-2013-0744"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 796895 for CVE-2013-0744",
          "url": "https://bugzilla.suse.com/796895"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-0744"
    },
    {
      "cve": "CVE-2013-0745",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-0745"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The AutoWrapperChanger class in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not properly interact with garbage collection, which allows remote attackers to execute arbitrary code via a crafted HTML document referencing JavaScript objects.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-0745",
          "url": "https://www.suse.com/security/cve/CVE-2013-0745"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 796895 for CVE-2013-0745",
          "url": "https://bugzilla.suse.com/796895"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-0745"
    },
    {
      "cve": "CVE-2013-0746",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-0746"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 do not properly implement quickstubs that use the jsval data type for their return values, which allows remote attackers to execute arbitrary code or cause a denial of service (compartment mismatch and application crash) via crafted JavaScript code that is not properly handled during garbage collection.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-0746",
          "url": "https://www.suse.com/security/cve/CVE-2013-0746"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 796895 for CVE-2013-0746",
          "url": "https://bugzilla.suse.com/796895"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-0746"
    },
    {
      "cve": "CVE-2013-0747",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-0747"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The gPluginHandler.handleEvent function in the plugin handler in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not properly enforce the Same Origin Policy, which allows remote attackers to conduct clickjacking attacks via crafted JavaScript code that listens for a mutation event.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-0747",
          "url": "https://www.suse.com/security/cve/CVE-2013-0747"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 796895 for CVE-2013-0747",
          "url": "https://bugzilla.suse.com/796895"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-0747"
    },
    {
      "cve": "CVE-2013-0748",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-0748"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The XBL.__proto__.toString implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 makes it easier for remote attackers to bypass the ASLR protection mechanism by calling the toString function of an XBL object.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-0748",
          "url": "https://www.suse.com/security/cve/CVE-2013-0748"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 796895 for CVE-2013-0748",
          "url": "https://bugzilla.suse.com/796895"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-0748"
    },
    {
      "cve": "CVE-2013-0749",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-0749"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-0749",
          "url": "https://www.suse.com/security/cve/CVE-2013-0749"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 796895 for CVE-2013-0749",
          "url": "https://bugzilla.suse.com/796895"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-0749"
    },
    {
      "cve": "CVE-2013-0750",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-0750"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Integer overflow in the JavaScript implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted string concatenation, leading to improper memory allocation and a heap-based buffer overflow.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-0750",
          "url": "https://www.suse.com/security/cve/CVE-2013-0750"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 796895 for CVE-2013-0750",
          "url": "https://bugzilla.suse.com/796895"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-0750"
    },
    {
      "cve": "CVE-2013-0751",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-0751"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 18.0 on Android and SeaMonkey before 2.15 do not restrict a touch event to a single IFRAME element, which allows remote attackers to obtain sensitive information or possibly conduct cross-site scripting (XSS) attacks via a crafted HTML document.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-0751",
          "url": "https://www.suse.com/security/cve/CVE-2013-0751"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 796895 for CVE-2013-0751",
          "url": "https://bugzilla.suse.com/796895"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2013-0751"
    },
    {
      "cve": "CVE-2013-0752",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-0752"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XBL file with multiple bindings that have SVG content.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-0752",
          "url": "https://www.suse.com/security/cve/CVE-2013-0752"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 796895 for CVE-2013-0752",
          "url": "https://bugzilla.suse.com/796895"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-0752"
    },
    {
      "cve": "CVE-2013-0753",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-0753"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the serializeToStream implementation in the XMLSerializer component in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via crafted web content.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-0753",
          "url": "https://www.suse.com/security/cve/CVE-2013-0753"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 796895 for CVE-2013-0753",
          "url": "https://bugzilla.suse.com/796895"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-0753"
    },
    {
      "cve": "CVE-2013-0754",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-0754"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the ListenerManager implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via vectors involving the triggering of garbage collection after memory allocation for listener objects.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-0754",
          "url": "https://www.suse.com/security/cve/CVE-2013-0754"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 796895 for CVE-2013-0754",
          "url": "https://bugzilla.suse.com/796895"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-0754"
    },
    {
      "cve": "CVE-2013-0755",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-0755"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the mozVibrate implementation in the Vibrate library in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via vectors related to the domDoc pointer.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-0755",
          "url": "https://www.suse.com/security/cve/CVE-2013-0755"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 796895 for CVE-2013-0755",
          "url": "https://bugzilla.suse.com/796895"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-0755"
    },
    {
      "cve": "CVE-2013-0756",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-0756"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the obj_toSource function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted web page referencing JavaScript Proxy objects that are not properly handled during garbage collection.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-0756",
          "url": "https://www.suse.com/security/cve/CVE-2013-0756"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 796895 for CVE-2013-0756",
          "url": "https://bugzilla.suse.com/796895"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-0756"
    },
    {
      "cve": "CVE-2013-0757",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-0757"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not prevent modifications to the prototype of an object, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges by referencing Object.prototype.__proto__ in a crafted HTML document.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-0757",
          "url": "https://www.suse.com/security/cve/CVE-2013-0757"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 796895 for CVE-2013-0757",
          "url": "https://bugzilla.suse.com/796895"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-0757"
    },
    {
      "cve": "CVE-2013-0758",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-0758"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging improper interaction between plugin objects and SVG elements.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-0758",
          "url": "https://www.suse.com/security/cve/CVE-2013-0758"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 796895 for CVE-2013-0758",
          "url": "https://bugzilla.suse.com/796895"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-0758"
    },
    {
      "cve": "CVE-2013-0760",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-0760"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Buffer overflow in the CharDistributionAnalysis::HandleOneChar function in Mozilla Firefox before 18.0, Thunderbird before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted document.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-0760",
          "url": "https://www.suse.com/security/cve/CVE-2013-0760"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 796895 for CVE-2013-0760",
          "url": "https://bugzilla.suse.com/796895"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-0760"
    },
    {
      "cve": "CVE-2013-0761",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-0761"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the mozilla::TrackUnionStream::EndTrack implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-0761",
          "url": "https://www.suse.com/security/cve/CVE-2013-0761"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 796895 for CVE-2013-0761",
          "url": "https://bugzilla.suse.com/796895"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-0761"
    },
    {
      "cve": "CVE-2013-0764",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-0764"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The nsSOCKSSocketInfo::ConnectToProxy function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not ensure thread safety for SSL sessions, which allows remote attackers to execute arbitrary code via crafted data, as demonstrated by e-mail message data.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-0764",
          "url": "https://www.suse.com/security/cve/CVE-2013-0764"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 796895 for CVE-2013-0764",
          "url": "https://bugzilla.suse.com/796895"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-0764"
    },
    {
      "cve": "CVE-2013-0765",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-0765"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 do not prevent multiple wrapping of WebIDL objects, which allows remote attackers to bypass intended access restrictions via unspecified vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-0765",
          "url": "https://www.suse.com/security/cve/CVE-2013-0765"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 804248 for CVE-2013-0765",
          "url": "https://bugzilla.suse.com/804248"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-0765"
    },
    {
      "cve": "CVE-2013-0768",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-0768"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Stack-based buffer overflow in the Canvas implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via an HTML document that specifies invalid width and height values.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-0768",
          "url": "https://www.suse.com/security/cve/CVE-2013-0768"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 796895 for CVE-2013-0768",
          "url": "https://bugzilla.suse.com/796895"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-0768"
    },
    {
      "cve": "CVE-2013-0772",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-0772"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The RasterImage::DrawFrameTo function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read and application crash) via a crafted GIF image.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-0772",
          "url": "https://www.suse.com/security/cve/CVE-2013-0772"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 804248 for CVE-2013-0772",
          "url": "https://bugzilla.suse.com/804248"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2013-0772"
    },
    {
      "cve": "CVE-2013-0773",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-0773"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Chrome Object Wrapper (COW) and System Only Wrapper (SOW) implementations in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 do not prevent modifications to a prototype, which allows remote attackers to obtain sensitive information from chrome objects or possibly execute arbitrary JavaScript code with chrome privileges via a crafted web site.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-0773",
          "url": "https://www.suse.com/security/cve/CVE-2013-0773"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 804248 for CVE-2013-0773",
          "url": "https://bugzilla.suse.com/804248"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-0773"
    },
    {
      "cve": "CVE-2013-0774",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-0774"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 do not prevent JavaScript workers from reading the browser-profile directory name, which has unspecified impact and remote attack vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-0774",
          "url": "https://www.suse.com/security/cve/CVE-2013-0774"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 804248 for CVE-2013-0774",
          "url": "https://bugzilla.suse.com/804248"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2013-0774"
    },
    {
      "cve": "CVE-2013-0775",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-0775"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the nsImageLoadingContent::OnStopContainer function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code via crafted web script.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-0775",
          "url": "https://www.suse.com/security/cve/CVE-2013-0775"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 804248 for CVE-2013-0775",
          "url": "https://bugzilla.suse.com/804248"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-0775"
    },
    {
      "cve": "CVE-2013-0776",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-0776"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow man-in-the-middle attackers to spoof the address bar by operating a proxy server that provides a 407 HTTP status code accompanied by web script, as demonstrated by a phishing attack on an HTTPS site.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-0776",
          "url": "https://www.suse.com/security/cve/CVE-2013-0776"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 804248 for CVE-2013-0776",
          "url": "https://bugzilla.suse.com/804248"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2013-0776"
    },
    {
      "cve": "CVE-2013-0778",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-0778"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The ClusterIterator::NextCluster function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-0778",
          "url": "https://www.suse.com/security/cve/CVE-2013-0778"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 804248 for CVE-2013-0778",
          "url": "https://bugzilla.suse.com/804248"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-0778"
    },
    {
      "cve": "CVE-2013-0780",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-0780"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the nsOverflowContinuationTracker::Finish function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted document that uses Cascading Style Sheets (CSS) -moz-column-* properties.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-0780",
          "url": "https://www.suse.com/security/cve/CVE-2013-0780"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 804248 for CVE-2013-0780",
          "url": "https://bugzilla.suse.com/804248"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-0780"
    },
    {
      "cve": "CVE-2013-0783",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-0783"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-0783",
          "url": "https://www.suse.com/security/cve/CVE-2013-0783"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 804248 for CVE-2013-0783",
          "url": "https://bugzilla.suse.com/804248"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-0783"
    },
    {
      "cve": "CVE-2013-0787",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-0787"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the nsEditor::IsPreformatted function in editor/libeditor/base/nsEditor.cpp in Mozilla Firefox before 19.0.2, Firefox ESR 17.x before 17.0.4, Thunderbird before 17.0.4, Thunderbird ESR 17.x before 17.0.4, and SeaMonkey before 2.16.1 allows remote attackers to execute arbitrary code via vectors involving an execCommand call.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-0787",
          "url": "https://www.suse.com/security/cve/CVE-2013-0787"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 808243 for CVE-2013-0787",
          "url": "https://bugzilla.suse.com/808243"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-0787"
    },
    {
      "cve": "CVE-2013-0788",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-0788"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-0788",
          "url": "https://www.suse.com/security/cve/CVE-2013-0788"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 813026 for CVE-2013-0788",
          "url": "https://bugzilla.suse.com/813026"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 819204 for CVE-2013-0788",
          "url": "https://bugzilla.suse.com/819204"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-0788"
    },
    {
      "cve": "CVE-2013-0792",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-0792"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 20.0 and SeaMonkey before 2.17, when gfx.color_management.enablev4 is used, do not properly handle color profiles during PNG rendering, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a grayscale PNG image.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-0792",
          "url": "https://www.suse.com/security/cve/CVE-2013-0792"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 813026 for CVE-2013-0792",
          "url": "https://bugzilla.suse.com/813026"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 819204 for CVE-2013-0792",
          "url": "https://bugzilla.suse.com/819204"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2013-0792"
    },
    {
      "cve": "CVE-2013-0793",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-0793"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 do not ensure the correctness of the address bar during history navigation, which allows remote attackers to conduct cross-site scripting (XSS) attacks or phishing attacks by leveraging control over navigation timing.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-0793",
          "url": "https://www.suse.com/security/cve/CVE-2013-0793"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 819204 for CVE-2013-0793",
          "url": "https://bugzilla.suse.com/819204"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2013-0793"
    },
    {
      "cve": "CVE-2013-0794",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-0794"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 20.0 and SeaMonkey before 2.17 do not prevent origin spoofing of tab-modal dialogs, which allows remote attackers to conduct phishing attacks via a crafted web site.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-0794",
          "url": "https://www.suse.com/security/cve/CVE-2013-0794"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 813026 for CVE-2013-0794",
          "url": "https://bugzilla.suse.com/813026"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 819204 for CVE-2013-0794",
          "url": "https://bugzilla.suse.com/819204"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2013-0794"
    },
    {
      "cve": "CVE-2013-0795",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-0795"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The System Only Wrapper (SOW) implementation in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 does not prevent use of the cloneNode method for cloning a protected node, which allows remote attackers to bypass the Same Origin Policy or possibly execute arbitrary JavaScript code with chrome privileges via a crafted web site.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-0795",
          "url": "https://www.suse.com/security/cve/CVE-2013-0795"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 813026 for CVE-2013-0795",
          "url": "https://bugzilla.suse.com/813026"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 819204 for CVE-2013-0795",
          "url": "https://bugzilla.suse.com/819204"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-0795"
    },
    {
      "cve": "CVE-2013-0796",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-0796"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The WebGL subsystem in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 on Linux does not properly interact with Mesa drivers, which allows remote attackers to execute arbitrary code or cause a denial of service (free of unallocated memory) via unspecified vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-0796",
          "url": "https://www.suse.com/security/cve/CVE-2013-0796"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 813026 for CVE-2013-0796",
          "url": "https://bugzilla.suse.com/813026"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 819204 for CVE-2013-0796",
          "url": "https://bugzilla.suse.com/819204"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-0796"
    },
    {
      "cve": "CVE-2013-0800",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-0800"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Integer signedness error in the pixman_fill_sse2 function in pixman-sse2.c in Pixman, as distributed with Cairo and used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to execute arbitrary code via crafted values that trigger attempted use of a (1) negative box boundary or (2) negative box size, leading to an out-of-bounds write operation.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-0800",
          "url": "https://www.suse.com/security/cve/CVE-2013-0800"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 813026 for CVE-2013-0800",
          "url": "https://bugzilla.suse.com/813026"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 819204 for CVE-2013-0800",
          "url": "https://bugzilla.suse.com/819204"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2013-0800"
    },
    {
      "cve": "CVE-2013-0801",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-0801"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-0801",
          "url": "https://www.suse.com/security/cve/CVE-2013-0801"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 819204 for CVE-2013-0801",
          "url": "https://bugzilla.suse.com/819204"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-0801"
    },
    {
      "cve": "CVE-2013-1670",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-1670"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 does not prevent acquisition of chrome privileges during calls to content level constructors, which allows remote attackers to bypass certain read-only restrictions and conduct cross-site scripting (XSS) attacks via a crafted web site.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-1670",
          "url": "https://www.suse.com/security/cve/CVE-2013-1670"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 819204 for CVE-2013-1670",
          "url": "https://bugzilla.suse.com/819204"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2013-1670"
    },
    {
      "cve": "CVE-2013-1671",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-1671"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 21.0 does not properly implement the INPUT element, which allows remote attackers to obtain the full pathname via a crafted web site.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-1671",
          "url": "https://www.suse.com/security/cve/CVE-2013-1671"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 819204 for CVE-2013-1671",
          "url": "https://bugzilla.suse.com/819204"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2013-1671"
    },
    {
      "cve": "CVE-2013-1674",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-1674"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code via vectors involving an onresize event during the playing of a video.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-1674",
          "url": "https://www.suse.com/security/cve/CVE-2013-1674"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 819204 for CVE-2013-1674",
          "url": "https://bugzilla.suse.com/819204"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-1674"
    },
    {
      "cve": "CVE-2013-1675",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-1675"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 do not properly initialize data structures for the nsDOMSVGZoomEvent::mPreviousScale and nsDOMSVGZoomEvent::mNewScale functions, which allows remote attackers to obtain sensitive information from process memory via a crafted web site.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-1675",
          "url": "https://www.suse.com/security/cve/CVE-2013-1675"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 819204 for CVE-2013-1675",
          "url": "https://bugzilla.suse.com/819204"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2013-1675"
    },
    {
      "cve": "CVE-2013-1676",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-1676"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The SelectionIterator::GetNextSegment function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-1676",
          "url": "https://www.suse.com/security/cve/CVE-2013-1676"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 819204 for CVE-2013-1676",
          "url": "https://bugzilla.suse.com/819204"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-1676"
    },
    {
      "cve": "CVE-2013-1679",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-1679"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the mozilla::plugins::child::_geturlnotify function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-1679",
          "url": "https://www.suse.com/security/cve/CVE-2013-1679"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 819204 for CVE-2013-1679",
          "url": "https://bugzilla.suse.com/819204"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-1679"
    },
    {
      "cve": "CVE-2013-1682",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-1682"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-1682",
          "url": "https://www.suse.com/security/cve/CVE-2013-1682"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 825935 for CVE-2013-1682",
          "url": "https://bugzilla.suse.com/825935"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-1682"
    },
    {
      "cve": "CVE-2013-1684",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-1684"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the mozilla::dom::HTMLMediaElement::LookupMediaElementURITable function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted web site.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-1684",
          "url": "https://www.suse.com/security/cve/CVE-2013-1684"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 825935 for CVE-2013-1684",
          "url": "https://bugzilla.suse.com/825935"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-1684"
    },
    {
      "cve": "CVE-2013-1687",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-1687"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The System Only Wrapper (SOW) and Chrome Object Wrapper (COW) implementations in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly restrict XBL user-defined functions, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges, or conduct cross-site scripting (XSS) attacks, via a crafted web site.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-1687",
          "url": "https://www.suse.com/security/cve/CVE-2013-1687"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 825935 for CVE-2013-1687",
          "url": "https://bugzilla.suse.com/825935"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-1687"
    },
    {
      "cve": "CVE-2013-1688",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-1688"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Profiler implementation in Mozilla Firefox before 22.0 parses untrusted data during UI rendering, which allows user-assisted remote attackers to execute arbitrary JavaScript code via a crafted web site.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-1688",
          "url": "https://www.suse.com/security/cve/CVE-2013-1688"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 825935 for CVE-2013-1688",
          "url": "https://bugzilla.suse.com/825935"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-1688"
    },
    {
      "cve": "CVE-2013-1690",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-1690"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly handle onreadystatechange events in conjunction with page reloading, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted web site that triggers an attempt to execute data at an unmapped memory location.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-1690",
          "url": "https://www.suse.com/security/cve/CVE-2013-1690"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 825935 for CVE-2013-1690",
          "url": "https://bugzilla.suse.com/825935"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-1690"
    },
    {
      "cve": "CVE-2013-1692",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-1692"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not prevent the inclusion of body data in an XMLHttpRequest HEAD request, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via a crafted web site.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-1692",
          "url": "https://www.suse.com/security/cve/CVE-2013-1692"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 825935 for CVE-2013-1692",
          "url": "https://bugzilla.suse.com/825935"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2013-1692"
    },
    {
      "cve": "CVE-2013-1693",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-1693"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The SVG filter implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to read pixel values, and possibly bypass the Same Origin Policy and read text from a different domain, by observing timing differences in execution of filter code.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-1693",
          "url": "https://www.suse.com/security/cve/CVE-2013-1693"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 825935 for CVE-2013-1693",
          "url": "https://bugzilla.suse.com/825935"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2013-1693"
    },
    {
      "cve": "CVE-2013-1694",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-1694"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The PreserveWrapper implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 does not properly handle the lack of a wrapper, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code by leveraging unintended clearing of the wrapper cache\u0027s preserved-wrapper flag.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-1694",
          "url": "https://www.suse.com/security/cve/CVE-2013-1694"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 825935 for CVE-2013-1694",
          "url": "https://bugzilla.suse.com/825935"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2013-1694"
    },
    {
      "cve": "CVE-2013-1695",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-1695"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 22.0 does not properly implement certain DocShell inheritance behavior for the sandbox attribute of an IFRAME element, which allows remote attackers to bypass intended access restrictions via a FRAME element within an IFRAME element.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-1695",
          "url": "https://www.suse.com/security/cve/CVE-2013-1695"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 825935 for CVE-2013-1695",
          "url": "https://bugzilla.suse.com/825935"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-1695"
    },
    {
      "cve": "CVE-2013-1696",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-1696"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 22.0 does not properly enforce the X-Frame-Options protection mechanism, which allows remote attackers to conduct clickjacking attacks via a crafted web site that uses the HTTP server push feature with multipart responses.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-1696",
          "url": "https://www.suse.com/security/cve/CVE-2013-1696"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 825935 for CVE-2013-1696",
          "url": "https://bugzilla.suse.com/825935"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-1696"
    },
    {
      "cve": "CVE-2013-1697",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-1697"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The XrayWrapper implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 does not properly restrict use of DefaultValue for method calls, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site that triggers use of a user-defined (1) toString or (2) valueOf method.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-1697",
          "url": "https://www.suse.com/security/cve/CVE-2013-1697"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 825935 for CVE-2013-1697",
          "url": "https://bugzilla.suse.com/825935"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-1697"
    },
    {
      "cve": "CVE-2013-1698",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-1698"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The getUserMedia permission implementation in Mozilla Firefox before 22.0 references the URL of a top-level document instead of the URL of a specific page, which makes it easier for remote attackers to trick users into permitting camera or microphone access via a crafted web site that uses IFRAME elements.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-1698",
          "url": "https://www.suse.com/security/cve/CVE-2013-1698"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 825935 for CVE-2013-1698",
          "url": "https://bugzilla.suse.com/825935"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-1698"
    },
    {
      "cve": "CVE-2013-1699",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-1699"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Internationalized Domain Name (IDN) display algorithm in Mozilla Firefox before 22.0 does not properly handle the .com, .name, and .net top-level domains, which allows remote attackers to spoof the address bar via unspecified homograph characters.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-1699",
          "url": "https://www.suse.com/security/cve/CVE-2013-1699"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 825935 for CVE-2013-1699",
          "url": "https://bugzilla.suse.com/825935"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-1699"
    },
    {
      "cve": "CVE-2013-1701",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-1701"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-1701",
          "url": "https://www.suse.com/security/cve/CVE-2013-1701"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 833389 for CVE-2013-1701",
          "url": "https://bugzilla.suse.com/833389"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-1701"
    },
    {
      "cve": "CVE-2013-1704",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-1704"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the nsINode::GetParentNode function in Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via vectors involving a DOM modification at the time of a SetBody mutation event.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-1704",
          "url": "https://www.suse.com/security/cve/CVE-2013-1704"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 833389 for CVE-2013-1704",
          "url": "https://bugzilla.suse.com/833389"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2013-1704"
    },
    {
      "cve": "CVE-2013-1705",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-1705"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap-based buffer underflow in the cryptojs_interpret_key_gen_type function in Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Certificate Request Message Format (CRMF) request.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-1705",
          "url": "https://www.suse.com/security/cve/CVE-2013-1705"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 833389 for CVE-2013-1705",
          "url": "https://bugzilla.suse.com/833389"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 840485 for CVE-2013-1705",
          "url": "https://bugzilla.suse.com/840485"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-1705"
    },
    {
      "cve": "CVE-2013-1708",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-1708"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allow remote attackers to cause a denial of service (application crash) via a crafted WAV file that is not properly handled by the nsCString::CharAt function.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-1708",
          "url": "https://www.suse.com/security/cve/CVE-2013-1708"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 833389 for CVE-2013-1708",
          "url": "https://bugzilla.suse.com/833389"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2013-1708"
    },
    {
      "cve": "CVE-2013-1709",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-1709"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 do not properly handle the interaction between FRAME elements and history, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving spoofing a relative location in a previously visited document.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-1709",
          "url": "https://www.suse.com/security/cve/CVE-2013-1709"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 833389 for CVE-2013-1709",
          "url": "https://bugzilla.suse.com/833389"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2013-1709"
    },
    {
      "cve": "CVE-2013-1710",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-1710"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The crypto.generateCRMFRequest function in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 allows remote attackers to execute arbitrary JavaScript code or conduct cross-site scripting (XSS) attacks via vectors related to Certificate Request Message Format (CRMF) request generation.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-1710",
          "url": "https://www.suse.com/security/cve/CVE-2013-1710"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 833389 for CVE-2013-1710",
          "url": "https://bugzilla.suse.com/833389"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-1710"
    },
    {
      "cve": "CVE-2013-1711",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-1711"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The XrayWrapper implementation in Mozilla Firefox before 23.0 and SeaMonkey before 2.20 does not properly address the possibility of an XBL scope bypass resulting from non-native arguments in XBL function calls, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks by leveraging access to an unprivileged object.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-1711",
          "url": "https://www.suse.com/security/cve/CVE-2013-1711"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 833389 for CVE-2013-1711",
          "url": "https://bugzilla.suse.com/833389"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2013-1711"
    },
    {
      "cve": "CVE-2013-1713",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-1713"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 use an incorrect URI within unspecified comparisons during enforcement of the Same Origin Policy, which allows remote attackers to conduct cross-site scripting (XSS) attacks or install arbitrary add-ons via a crafted web site.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-1713",
          "url": "https://www.suse.com/security/cve/CVE-2013-1713"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 833389 for CVE-2013-1713",
          "url": "https://bugzilla.suse.com/833389"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2013-1713"
    },
    {
      "cve": "CVE-2013-1714",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-1714"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Web Workers implementation in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 does not properly restrict XMLHttpRequest calls, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via unspecified vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-1714",
          "url": "https://www.suse.com/security/cve/CVE-2013-1714"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 833389 for CVE-2013-1714",
          "url": "https://bugzilla.suse.com/833389"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2013-1714"
    },
    {
      "cve": "CVE-2013-1717",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-1717"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 do not properly restrict local-filesystem access by Java applets, which allows user-assisted remote attackers to read arbitrary files by leveraging a download to a fixed pathname or other predictable pathname.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-1717",
          "url": "https://www.suse.com/security/cve/CVE-2013-1717"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 833389 for CVE-2013-1717",
          "url": "https://bugzilla.suse.com/833389"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2013-1717"
    },
    {
      "cve": "CVE-2013-1718",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-1718"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-1718",
          "url": "https://www.suse.com/security/cve/CVE-2013-1718"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 840485 for CVE-2013-1718",
          "url": "https://bugzilla.suse.com/840485"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-1718"
    },
    {
      "cve": "CVE-2013-1720",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-1720"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The nsHtml5TreeBuilder::resetTheInsertionMode function in the HTML5 Tree Builder in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 does not properly maintain the state of the insertion-mode stack for template elements, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer over-read) by triggering use of this stack in its empty state.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-1720",
          "url": "https://www.suse.com/security/cve/CVE-2013-1720"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 840485 for CVE-2013-1720",
          "url": "https://bugzilla.suse.com/840485"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2013-1720"
    },
    {
      "cve": "CVE-2013-1721",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-1721"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Integer overflow in the drawLineLoop function in the libGLESv2 library in Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox before 24.0 and SeaMonkey before 2.21, allows remote attackers to execute arbitrary code via a crafted web site.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-1721",
          "url": "https://www.suse.com/security/cve/CVE-2013-1721"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 840485 for CVE-2013-1721",
          "url": "https://bugzilla.suse.com/840485"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2013-1721"
    },
    {
      "cve": "CVE-2013-1722",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-1722"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the nsAnimationManager::BuildAnimations function in the Animation Manager in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving stylesheet cloning.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-1722",
          "url": "https://www.suse.com/security/cve/CVE-2013-1722"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 840485 for CVE-2013-1722",
          "url": "https://bugzilla.suse.com/840485"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-1722"
    },
    {
      "cve": "CVE-2013-1723",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-1723"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The NativeKey widget in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 processes key messages after destruction by a dispatched event listener, which allows remote attackers to cause a denial of service (application crash) by leveraging incorrect event usage after widget-memory reallocation.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-1723",
          "url": "https://www.suse.com/security/cve/CVE-2013-1723"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 840485 for CVE-2013-1723",
          "url": "https://bugzilla.suse.com/840485"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2013-1723"
    },
    {
      "cve": "CVE-2013-1724",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-1724"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the mozilla::dom::HTMLFormElement::IsDefaultSubmitElement function in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving a destroyed SELECT element.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-1724",
          "url": "https://www.suse.com/security/cve/CVE-2013-1724"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 840485 for CVE-2013-1724",
          "url": "https://bugzilla.suse.com/840485"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2013-1724"
    },
    {
      "cve": "CVE-2013-1725",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-1725"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not ensure that initialization occurs for JavaScript objects with compartments, which allows remote attackers to execute arbitrary code by leveraging incorrect scope handling.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-1725",
          "url": "https://www.suse.com/security/cve/CVE-2013-1725"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 840485 for CVE-2013-1725",
          "url": "https://bugzilla.suse.com/840485"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2013-1725"
    },
    {
      "cve": "CVE-2013-1728",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-1728"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The IonMonkey JavaScript engine in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21, when Valgrind mode is used, does not properly initialize memory, which makes it easier for remote attackers to obtain sensitive information via unspecified vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-1728",
          "url": "https://www.suse.com/security/cve/CVE-2013-1728"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 840485 for CVE-2013-1728",
          "url": "https://bugzilla.suse.com/840485"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2013-1728"
    },
    {
      "cve": "CVE-2013-1730",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-1730"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly handle movement of XBL-backed nodes between documents, which allows remote attackers to execute arbitrary code or cause a denial of service (JavaScript compartment mismatch, or assertion failure and application exit) via a crafted web site.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-1730",
          "url": "https://www.suse.com/security/cve/CVE-2013-1730"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 840485 for CVE-2013-1730",
          "url": "https://bugzilla.suse.com/840485"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2013-1730"
    },
    {
      "cve": "CVE-2013-1732",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-1732"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Buffer overflow in the nsFloatManager::GetFlowArea function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code via crafted use of lists and floats within a multi-column layout.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-1732",
          "url": "https://www.suse.com/security/cve/CVE-2013-1732"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 840485 for CVE-2013-1732",
          "url": "https://bugzilla.suse.com/840485"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-1732"
    },
    {
      "cve": "CVE-2013-1735",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-1735"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the mozilla::layout::ScrollbarActivity function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code via vectors related to image-document scrolling.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-1735",
          "url": "https://www.suse.com/security/cve/CVE-2013-1735"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 840485 for CVE-2013-1735",
          "url": "https://bugzilla.suse.com/840485"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-1735"
    },
    {
      "cve": "CVE-2013-1737",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-1737"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly identify the \"this\" object during use of user-defined getter methods on DOM proxies, which might allow remote attackers to bypass intended access restrictions via vectors involving an expando object.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-1737",
          "url": "https://www.suse.com/security/cve/CVE-2013-1737"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 840485 for CVE-2013-1737",
          "url": "https://bugzilla.suse.com/840485"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2013-1737"
    },
    {
      "cve": "CVE-2013-1738",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-1738"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the JS_GetGlobalForScopeChain function in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code by leveraging incorrect garbage collection in situations involving default compartments and frame-chain restoration.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-1738",
          "url": "https://www.suse.com/security/cve/CVE-2013-1738"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 840485 for CVE-2013-1738",
          "url": "https://bugzilla.suse.com/840485"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2013-1738"
    },
    {
      "cve": "CVE-2013-5590",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-5590"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-5590",
          "url": "https://www.suse.com/security/cve/CVE-2013-5590"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 847708 for CVE-2013-5590",
          "url": "https://bugzilla.suse.com/847708"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2013-5590"
    },
    {
      "cve": "CVE-2013-5593",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-5593"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The SELECT element implementation in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 does not properly restrict the nature or placement of HTML within a dropdown menu, which allows remote attackers to spoof the address bar or conduct clickjacking attacks via vectors that trigger navigation off of a page containing this element.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-5593",
          "url": "https://www.suse.com/security/cve/CVE-2013-5593"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 847708 for CVE-2013-5593",
          "url": "https://bugzilla.suse.com/847708"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2013-5593"
    },
    {
      "cve": "CVE-2013-5595",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-5595"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The JavaScript engine in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 does not properly allocate memory for unspecified functions, which allows remote attackers to conduct buffer overflow attacks via a crafted web page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-5595",
          "url": "https://www.suse.com/security/cve/CVE-2013-5595"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 847708 for CVE-2013-5595",
          "url": "https://bugzilla.suse.com/847708"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2013-5595"
    },
    {
      "cve": "CVE-2013-5596",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-5596"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The cycle collection (CC) implementation in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 does not properly determine the thread for release of an image object, which allows remote attackers to execute arbitrary code or cause a denial of service (race condition and application crash) via a large HTML document containing IMG elements, as demonstrated by the Never-Ending Reddit on reddit.com.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-5596",
          "url": "https://www.suse.com/security/cve/CVE-2013-5596"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 847708 for CVE-2013-5596",
          "url": "https://bugzilla.suse.com/847708"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2013-5596"
    },
    {
      "cve": "CVE-2013-5597",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-5597"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the nsDocLoader::doStopDocumentLoad function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving a state-change event during an update of the offline cache.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-5597",
          "url": "https://www.suse.com/security/cve/CVE-2013-5597"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 847708 for CVE-2013-5597",
          "url": "https://bugzilla.suse.com/847708"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2013-5597"
    },
    {
      "cve": "CVE-2013-5598",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-5598"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "PDF.js in Mozilla Firefox before 25.0 and Firefox ESR 24.x before 24.1 does not properly handle the appending of an IFRAME element, which allows remote attackers to read arbitrary files or execute arbitrary JavaScript code with chrome privileges by using this element within an embedded PDF object.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-5598",
          "url": "https://www.suse.com/security/cve/CVE-2013-5598"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 847708 for CVE-2013-5598",
          "url": "https://bugzilla.suse.com/847708"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2013-5598"
    },
    {
      "cve": "CVE-2013-5599",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-5599"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the nsIPresShell::GetPresContext function in the PresShell (aka presentation shell) implementation in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via vectors involving a CANVAS element, a mozTextStyle attribute, and an onresize event.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-5599",
          "url": "https://www.suse.com/security/cve/CVE-2013-5599"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 847708 for CVE-2013-5599",
          "url": "https://bugzilla.suse.com/847708"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2013-5599"
    },
    {
      "cve": "CVE-2013-5602",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-5602"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Worker::SetEventListener function in the Web workers implementation in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to direct proxies.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-5602",
          "url": "https://www.suse.com/security/cve/CVE-2013-5602"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 847708 for CVE-2013-5602",
          "url": "https://bugzilla.suse.com/847708"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2013-5602"
    },
    {
      "cve": "CVE-2013-5603",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-5603"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the nsContentUtils::ContentIsHostIncludingDescendantOf function in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving HTML document templates.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-5603",
          "url": "https://www.suse.com/security/cve/CVE-2013-5603"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 847708 for CVE-2013-5603",
          "url": "https://bugzilla.suse.com/847708"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2013-5603"
    },
    {
      "cve": "CVE-2013-5604",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-5604"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The txXPathNodeUtils::getBaseURI function in the XSLT processor in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 does not properly initialize data, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow and application crash) via crafted documents.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-5604",
          "url": "https://www.suse.com/security/cve/CVE-2013-5604"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 847708 for CVE-2013-5604",
          "url": "https://bugzilla.suse.com/847708"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2013-5604"
    },
    {
      "cve": "CVE-2013-5609",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-5609"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-5609",
          "url": "https://www.suse.com/security/cve/CVE-2013-5609"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 854370 for CVE-2013-5609",
          "url": "https://bugzilla.suse.com/854370"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-5609"
    },
    {
      "cve": "CVE-2013-5611",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-5611"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 26.0 does not properly remove the Application Installation doorhanger, which makes it easier for remote attackers to spoof a Web App installation site by controlling the timing of page navigation.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-5611",
          "url": "https://www.suse.com/security/cve/CVE-2013-5611"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 854370 for CVE-2013-5611",
          "url": "https://bugzilla.suse.com/854370"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2013-5611"
    },
    {
      "cve": "CVE-2013-5612",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-5612"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 makes it easier for remote attackers to inject arbitrary web script or HTML by leveraging a Same Origin Policy violation triggered by lack of a charset parameter in a Content-Type HTTP header.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-5612",
          "url": "https://www.suse.com/security/cve/CVE-2013-5612"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 854370 for CVE-2013-5612",
          "url": "https://bugzilla.suse.com/854370"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2013-5612"
    },
    {
      "cve": "CVE-2013-5613",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-5613"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving synthetic mouse movement, related to the RestyleManager::GetHoverGeneration function.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-5613",
          "url": "https://www.suse.com/security/cve/CVE-2013-5613"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 854370 for CVE-2013-5613",
          "url": "https://bugzilla.suse.com/854370"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-5613"
    },
    {
      "cve": "CVE-2013-5614",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-5614"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly consider the sandbox attribute of an IFRAME element during processing of a contained OBJECT element, which allows remote attackers to bypass intended sandbox restrictions via a crafted web site.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-5614",
          "url": "https://www.suse.com/security/cve/CVE-2013-5614"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 854370 for CVE-2013-5614",
          "url": "https://bugzilla.suse.com/854370"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2013-5614"
    },
    {
      "cve": "CVE-2013-5615",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-5615"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The JavaScript implementation in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 does not properly enforce certain typeset restrictions on the generation of GetElementIC typed array stubs, which has unspecified impact and remote attack vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-5615",
          "url": "https://www.suse.com/security/cve/CVE-2013-5615"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 854370 for CVE-2013-5615",
          "url": "https://bugzilla.suse.com/854370"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-5615"
    },
    {
      "cve": "CVE-2013-5616",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-5616"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the nsEventListenerManager::HandleEventSubType function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to mListeners event listeners.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-5616",
          "url": "https://www.suse.com/security/cve/CVE-2013-5616"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 854370 for CVE-2013-5616",
          "url": "https://bugzilla.suse.com/854370"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-5616"
    },
    {
      "cve": "CVE-2013-5618",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-5618"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the nsNodeUtils::LastRelease function in the table-editing user interface in the editor component in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code by triggering improper garbage collection.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-5618",
          "url": "https://www.suse.com/security/cve/CVE-2013-5618"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 854370 for CVE-2013-5618",
          "url": "https://bugzilla.suse.com/854370"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-5618"
    },
    {
      "cve": "CVE-2013-5619",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-5619"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple integer overflows in the binary-search implementation in SpiderMonkey in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 might allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JavaScript code.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-5619",
          "url": "https://www.suse.com/security/cve/CVE-2013-5619"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 854370 for CVE-2013-5619",
          "url": "https://bugzilla.suse.com/854370"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2013-5619"
    },
    {
      "cve": "CVE-2013-6629",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-6629"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that follow Start Of Scan (SOS) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-6629",
          "url": "https://www.suse.com/security/cve/CVE-2013-6629"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 850430 for CVE-2013-6629",
          "url": "https://bugzilla.suse.com/850430"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 873872 for CVE-2013-6629",
          "url": "https://bugzilla.suse.com/873872"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 873873 for CVE-2013-6629",
          "url": "https://bugzilla.suse.com/873873"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 877429 for CVE-2013-6629",
          "url": "https://bugzilla.suse.com/877429"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 877430 for CVE-2013-6629",
          "url": "https://bugzilla.suse.com/877430"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 880246 for CVE-2013-6629",
          "url": "https://bugzilla.suse.com/880246"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2013-6629"
    },
    {
      "cve": "CVE-2013-6671",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-6671"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-6671",
          "url": "https://www.suse.com/security/cve/CVE-2013-6671"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 854370 for CVE-2013-6671",
          "url": "https://bugzilla.suse.com/854370"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-6671"
    },
    {
      "cve": "CVE-2013-6672",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-6672"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 26.0 and SeaMonkey before 2.23 on Linux allow user-assisted remote attackers to read clipboard data by leveraging certain middle-click paste operations.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-6672",
          "url": "https://www.suse.com/security/cve/CVE-2013-6672"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 854370 for CVE-2013-6672",
          "url": "https://bugzilla.suse.com/854370"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2013-6672"
    },
    {
      "cve": "CVE-2013-6673",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-6673"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 do not recognize a user\u0027s removal of trust from an EV X.509 certificate, which makes it easier for man-in-the-middle attackers to spoof SSL servers in opportunistic circumstances via a valid certificate that is unacceptable to the user.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-6673",
          "url": "https://www.suse.com/security/cve/CVE-2013-6673"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 854370 for CVE-2013-6673",
          "url": "https://bugzilla.suse.com/854370"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2013-6673"
    },
    {
      "cve": "CVE-2014-1477",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1477"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1477",
          "url": "https://www.suse.com/security/cve/CVE-2014-1477"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 861847 for CVE-2014-1477",
          "url": "https://bugzilla.suse.com/861847"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 862345 for CVE-2014-1477",
          "url": "https://bugzilla.suse.com/862345"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1477"
    },
    {
      "cve": "CVE-2014-1479",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1479"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The System Only Wrapper (SOW) implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent certain cloning operations, which allows remote attackers to bypass intended restrictions on XUL content via vectors involving XBL content scopes.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1479",
          "url": "https://www.suse.com/security/cve/CVE-2014-1479"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 861847 for CVE-2014-1479",
          "url": "https://bugzilla.suse.com/861847"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 862348 for CVE-2014-1479",
          "url": "https://bugzilla.suse.com/862348"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1479"
    },
    {
      "cve": "CVE-2014-1480",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1480"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The file-download implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 does not properly restrict the timing of button selections, which allows remote attackers to conduct clickjacking attacks, and trigger unintended launching of a downloaded file, via a crafted web site.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1480",
          "url": "https://www.suse.com/security/cve/CVE-2014-1480"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 861847 for CVE-2014-1480",
          "url": "https://bugzilla.suse.com/861847"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1480"
    },
    {
      "cve": "CVE-2014-1481",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1481"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to bypass intended restrictions on window objects by leveraging inconsistency in native getter methods across different JavaScript engines.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1481",
          "url": "https://www.suse.com/security/cve/CVE-2014-1481"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 861847 for CVE-2014-1481",
          "url": "https://bugzilla.suse.com/861847"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 862309 for CVE-2014-1481",
          "url": "https://bugzilla.suse.com/862309"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1481"
    },
    {
      "cve": "CVE-2014-1482",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1482"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "RasterImage.cpp in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent access to discarded data, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect write operations) via crafted image data, as demonstrated by Goo Create.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1482",
          "url": "https://www.suse.com/security/cve/CVE-2014-1482"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 861847 for CVE-2014-1482",
          "url": "https://bugzilla.suse.com/861847"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 862356 for CVE-2014-1482",
          "url": "https://bugzilla.suse.com/862356"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1482"
    },
    {
      "cve": "CVE-2014-1483",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1483"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain timing measurements involving the document.caretPositionFromPoint and document.elementFromPoint functions.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1483",
          "url": "https://www.suse.com/security/cve/CVE-2014-1483"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 861847 for CVE-2014-1483",
          "url": "https://bugzilla.suse.com/861847"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 862360 for CVE-2014-1483",
          "url": "https://bugzilla.suse.com/862360"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1483"
    },
    {
      "cve": "CVE-2014-1484",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1484"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 27.0 on Android 4.2 and earlier creates system-log entries containing profile paths, which allows attackers to obtain sensitive information via a crafted application.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1484",
          "url": "https://www.suse.com/security/cve/CVE-2014-1484"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 861847 for CVE-2014-1484",
          "url": "https://bugzilla.suse.com/861847"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2014-1484"
    },
    {
      "cve": "CVE-2014-1485",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1485"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Content Security Policy (CSP) implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 operates on XSLT stylesheets according to style-src directives instead of script-src directives, which might allow remote attackers to execute arbitrary XSLT code by leveraging insufficient style-src restrictions.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1485",
          "url": "https://www.suse.com/security/cve/CVE-2014-1485"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 861847 for CVE-2014-1485",
          "url": "https://bugzilla.suse.com/861847"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1485"
    },
    {
      "cve": "CVE-2014-1486",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1486"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the imgRequestProxy function in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving unspecified Content-Type values for image data.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1486",
          "url": "https://www.suse.com/security/cve/CVE-2014-1486"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 861847 for CVE-2014-1486",
          "url": "https://bugzilla.suse.com/861847"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1486"
    },
    {
      "cve": "CVE-2014-1487",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1487"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1487",
          "url": "https://www.suse.com/security/cve/CVE-2014-1487"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 861847 for CVE-2014-1487",
          "url": "https://bugzilla.suse.com/861847"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1487"
    },
    {
      "cve": "CVE-2014-1488",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1488"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Web workers implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving termination of a worker process that has performed a cross-thread object-passing operation in conjunction with use of asm.js.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1488",
          "url": "https://www.suse.com/security/cve/CVE-2014-1488"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 861847 for CVE-2014-1488",
          "url": "https://bugzilla.suse.com/861847"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1488"
    },
    {
      "cve": "CVE-2014-1489",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1489"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 27.0 does not properly restrict access to about:home buttons by script on other pages, which allows user-assisted remote attackers to cause a denial of service (session restore) via a crafted web site.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1489",
          "url": "https://www.suse.com/security/cve/CVE-2014-1489"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 861847 for CVE-2014-1489",
          "url": "https://bugzilla.suse.com/861847"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1489"
    },
    {
      "cve": "CVE-2014-1490",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1490"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Race condition in libssl in Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors involving a resumption handshake that triggers incorrect replacement of a session ticket.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1490",
          "url": "https://www.suse.com/security/cve/CVE-2014-1490"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 861847 for CVE-2014-1490",
          "url": "https://bugzilla.suse.com/861847"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 862300 for CVE-2014-1490",
          "url": "https://bugzilla.suse.com/862300"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2014-1490"
    },
    {
      "cve": "CVE-2014-1492",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1492"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The cert_TestHostName function in lib/certdb/certdb.c in the certificate-checking implementation in Mozilla Network Security Services (NSS) before 3.16 accepts a wildcard character that is embedded in an internationalized domain name\u0027s U-label, which might allow man-in-the-middle attackers to spoof SSL servers via a crafted certificate.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1492",
          "url": "https://www.suse.com/security/cve/CVE-2014-1492"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 869827 for CVE-2014-1492",
          "url": "https://bugzilla.suse.com/869827"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 926974 for CVE-2014-1492",
          "url": "https://bugzilla.suse.com/926974"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2014-1492"
    },
    {
      "cve": "CVE-2014-1493",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1493"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1493",
          "url": "https://www.suse.com/security/cve/CVE-2014-1493"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 868603 for CVE-2014-1493",
          "url": "https://bugzilla.suse.com/868603"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1493"
    },
    {
      "cve": "CVE-2014-1497",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1497"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The mozilla::WaveReader::DecodeAudioData function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process heap memory, cause a denial of service (out-of-bounds read and application crash), or possibly have unspecified other impact via a crafted WAV file.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1497",
          "url": "https://www.suse.com/security/cve/CVE-2014-1497"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 868603 for CVE-2014-1497",
          "url": "https://bugzilla.suse.com/868603"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1497"
    },
    {
      "cve": "CVE-2014-1498",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1498"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The crypto.generateCRMFRequest method in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not properly validate a certain key type, which allows remote attackers to cause a denial of service (application crash) via vectors that trigger generation of a key that supports the Elliptic Curve ec-dual-use algorithm.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1498",
          "url": "https://www.suse.com/security/cve/CVE-2014-1498"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 868603 for CVE-2014-1498",
          "url": "https://bugzilla.suse.com/868603"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1498"
    },
    {
      "cve": "CVE-2014-1499",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1499"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to spoof the domain name in the WebRTC (1) camera or (2) microphone permission prompt by triggering navigation at a certain time during generation of this prompt.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1499",
          "url": "https://www.suse.com/security/cve/CVE-2014-1499"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 868603 for CVE-2014-1499",
          "url": "https://bugzilla.suse.com/868603"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1499"
    },
    {
      "cve": "CVE-2014-1500",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1500"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (resource consumption and application hang) via onbeforeunload events that trigger background JavaScript execution.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1500",
          "url": "https://www.suse.com/security/cve/CVE-2014-1500"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 868603 for CVE-2014-1500",
          "url": "https://bugzilla.suse.com/868603"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1500"
    },
    {
      "cve": "CVE-2014-1502",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1502"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The (1) WebGL.compressedTexImage2D and (2) WebGL.compressedTexSubImage2D functions in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to bypass the Same Origin Policy and render content in a different domain via unspecified vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1502",
          "url": "https://www.suse.com/security/cve/CVE-2014-1502"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 868603 for CVE-2014-1502",
          "url": "https://bugzilla.suse.com/868603"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1502"
    },
    {
      "cve": "CVE-2014-1504",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1504"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The session-restore feature in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not consider the Content Security Policy of a data: URL, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted document that is accessed after a browser restart.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1504",
          "url": "https://www.suse.com/security/cve/CVE-2014-1504"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 868603 for CVE-2014-1504",
          "url": "https://bugzilla.suse.com/868603"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1504"
    },
    {
      "cve": "CVE-2014-1505",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1505"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The SVG filter implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive displacement-correlation information, and possibly bypass the Same Origin Policy and read text from a different domain, via a timing attack involving feDisplacementMap elements, a related issue to CVE-2013-1693.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1505",
          "url": "https://www.suse.com/security/cve/CVE-2014-1505"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 868603 for CVE-2014-1505",
          "url": "https://bugzilla.suse.com/868603"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1505"
    },
    {
      "cve": "CVE-2014-1508",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1508"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process memory, cause a denial of service (out-of-bounds read and application crash), or possibly bypass the Same Origin Policy via vectors involving MathML polygon rendering.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1508",
          "url": "https://www.suse.com/security/cve/CVE-2014-1508"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 868603 for CVE-2014-1508",
          "url": "https://bugzilla.suse.com/868603"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1508"
    },
    {
      "cve": "CVE-2014-1509",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1509"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Buffer overflow in the _cairo_truetype_index_to_ucs4 function in cairo, as used in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25, allows remote attackers to execute arbitrary code via a crafted extension that renders fonts in a PDF document.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1509",
          "url": "https://www.suse.com/security/cve/CVE-2014-1509"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 868603 for CVE-2014-1509",
          "url": "https://bugzilla.suse.com/868603"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 869339 for CVE-2014-1509",
          "url": "https://bugzilla.suse.com/869339"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1509"
    },
    {
      "cve": "CVE-2014-1510",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1510"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Web IDL implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary JavaScript code with chrome privileges by using an IDL fragment to trigger a window.open call.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1510",
          "url": "https://www.suse.com/security/cve/CVE-2014-1510"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 868603 for CVE-2014-1510",
          "url": "https://bugzilla.suse.com/868603"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1510"
    },
    {
      "cve": "CVE-2014-1512",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1512"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the TypeObject class in the JavaScript engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary code by triggering extensive memory consumption while garbage collection is occurring, as demonstrated by improper handling of BumpChunk objects.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1512",
          "url": "https://www.suse.com/security/cve/CVE-2014-1512"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 868603 for CVE-2014-1512",
          "url": "https://bugzilla.suse.com/868603"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1512"
    },
    {
      "cve": "CVE-2014-1513",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1513"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "TypedArrayObject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not prevent a zero-length transition during use of an ArrayBuffer object, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based out-of-bounds write or read) via a crafted web site.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1513",
          "url": "https://www.suse.com/security/cve/CVE-2014-1513"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 868603 for CVE-2014-1513",
          "url": "https://bugzilla.suse.com/868603"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1513"
    },
    {
      "cve": "CVE-2014-1514",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1514"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not validate the length of the destination array before a copy operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by triggering incorrect use of the TypedArrayObject class.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1514",
          "url": "https://www.suse.com/security/cve/CVE-2014-1514"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 868603 for CVE-2014-1514",
          "url": "https://bugzilla.suse.com/868603"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1514"
    },
    {
      "cve": "CVE-2014-1518",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1518"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1518",
          "url": "https://www.suse.com/security/cve/CVE-2014-1518"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 875803 for CVE-2014-1518",
          "url": "https://bugzilla.suse.com/875803"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1518"
    },
    {
      "cve": "CVE-2014-1522",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1522"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The mozilla::dom::OscillatorNodeEngine::ComputeCustom function in the Web Audio subsystem in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read, memory corruption, and application crash) via crafted content.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1522",
          "url": "https://www.suse.com/security/cve/CVE-2014-1522"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1522"
    },
    {
      "cve": "CVE-2014-1523",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1523"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap-based buffer overflow in the read_u32 function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG image.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1523",
          "url": "https://www.suse.com/security/cve/CVE-2014-1523"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 875803 for CVE-2014-1523",
          "url": "https://bugzilla.suse.com/875803"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2014-1523"
    },
    {
      "cve": "CVE-2014-1524",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1524"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The nsXBLProtoImpl::InstallImplementation function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 does not properly check whether objects are XBL objects, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via crafted JavaScript code that accesses a non-XBL object as if it were an XBL object.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1524",
          "url": "https://www.suse.com/security/cve/CVE-2014-1524"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 875803 for CVE-2014-1524",
          "url": "https://bugzilla.suse.com/875803"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1524"
    },
    {
      "cve": "CVE-2014-1525",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1525"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The mozilla::dom::TextTrack::AddCue function in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 does not properly perform garbage collection for Text Track Manager variables, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and heap memory corruption) via a crafted VIDEO element in an HTML document.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1525",
          "url": "https://www.suse.com/security/cve/CVE-2014-1525"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1525"
    },
    {
      "cve": "CVE-2014-1526",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1526"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The XrayWrapper implementation in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site that is visited in the debugger, leading to unwrapping operations and calls to DOM methods on the unwrapped objects.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1526",
          "url": "https://www.suse.com/security/cve/CVE-2014-1526"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2014-1526"
    },
    {
      "cve": "CVE-2014-1528",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1528"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The sse2_composite_src_x888_8888 function in Pixman, as used in Cairo in Mozilla Firefox 28.0 and SeaMonkey 2.25 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by painting on a CANVAS element.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1528",
          "url": "https://www.suse.com/security/cve/CVE-2014-1528"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1528"
    },
    {
      "cve": "CVE-2014-1529",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1529"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Web Notification API in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to bypass intended source-component restrictions and execute arbitrary JavaScript code in a privileged context via a crafted web page for which Notification.permission is granted.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1529",
          "url": "https://www.suse.com/security/cve/CVE-2014-1529"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 875803 for CVE-2014-1529",
          "url": "https://bugzilla.suse.com/875803"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1529"
    },
    {
      "cve": "CVE-2014-1530",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1530"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The docshell implementation in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to trigger the loading of a URL with a spoofed baseURI property, and conduct cross-site scripting (XSS) attacks, via a crafted web site that performs history navigation.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1530",
          "url": "https://www.suse.com/security/cve/CVE-2014-1530"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 875378 for CVE-2014-1530",
          "url": "https://bugzilla.suse.com/875378"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 875803 for CVE-2014-1530",
          "url": "https://bugzilla.suse.com/875803"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2014-1530"
    },
    {
      "cve": "CVE-2014-1531",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1531"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the nsGenericHTMLElement::GetWidthHeightForImage function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving an imgLoader object that is not properly handled during an image-resize operation.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1531",
          "url": "https://www.suse.com/security/cve/CVE-2014-1531"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 875803 for CVE-2014-1531",
          "url": "https://bugzilla.suse.com/875803"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1531"
    },
    {
      "cve": "CVE-2014-1532",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1532"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the nsHostResolver::ConditionallyRefreshRecord function in libxul.so in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to host resolution.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1532",
          "url": "https://www.suse.com/security/cve/CVE-2014-1532"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 875803 for CVE-2014-1532",
          "url": "https://bugzilla.suse.com/875803"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1532"
    },
    {
      "cve": "CVE-2014-1533",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1533"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1533",
          "url": "https://www.suse.com/security/cve/CVE-2014-1533"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 881874 for CVE-2014-1533",
          "url": "https://bugzilla.suse.com/881874"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1533"
    },
    {
      "cve": "CVE-2014-1536",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1536"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The PropertyProvider::FindJustificationRange function in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1536",
          "url": "https://www.suse.com/security/cve/CVE-2014-1536"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1536"
    },
    {
      "cve": "CVE-2014-1539",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1539"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 30.0 and Thunderbird through 24.6 on OS X do not ensure visibility of the cursor after interaction with a Flash object and a DIV element, which makes it easier for remote attackers to conduct clickjacking attacks via JavaScript code that produces a fake cursor image.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1539",
          "url": "https://www.suse.com/security/cve/CVE-2014-1539"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2014-1539"
    },
    {
      "cve": "CVE-2014-1540",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1540"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the nsEventListenerManager::CompileEventHandlerInternal function in the Event Listener Manager in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted web content.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1540",
          "url": "https://www.suse.com/security/cve/CVE-2014-1540"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1540"
    },
    {
      "cve": "CVE-2014-1541",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1541"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the RefreshDriverTimer::TickDriver function in the SMIL Animation Controller in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted web content.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1541",
          "url": "https://www.suse.com/security/cve/CVE-2014-1541"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1541"
    },
    {
      "cve": "CVE-2014-1542",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1542"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Buffer overflow in the Speex resampler in the Web Audio subsystem in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code via vectors related to a crafted AudioBuffer channel count and sample rate.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1542",
          "url": "https://www.suse.com/security/cve/CVE-2014-1542"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1542"
    },
    {
      "cve": "CVE-2014-1543",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1543"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple heap-based buffer overflows in the navigator.getGamepads function in the Gamepad API in Mozilla Firefox before 30.0 allow remote attackers to execute arbitrary code by using non-contiguous axes with a (1) physical or (2) virtual Gamepad device.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1543",
          "url": "https://www.suse.com/security/cve/CVE-2014-1543"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2014-1543"
    },
    {
      "cve": "CVE-2014-1544",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1544"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the CERT_DestroyCertificate function in libnss3.so in Mozilla Network Security Services (NSS) 3.x, as used in Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, allows remote attackers to execute arbitrary code via vectors that trigger certain improper removal of an NSSCertificate structure from a trust domain.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1544",
          "url": "https://www.suse.com/security/cve/CVE-2014-1544"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 887746 for CVE-2014-1544",
          "url": "https://bugzilla.suse.com/887746"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1544"
    },
    {
      "cve": "CVE-2014-1545",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1545"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Netscape Portable Runtime (NSPR) before 4.10.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via vectors involving the sprintf and console functions.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1545",
          "url": "https://www.suse.com/security/cve/CVE-2014-1545"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1545"
    },
    {
      "cve": "CVE-2014-1547",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1547"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1547",
          "url": "https://www.suse.com/security/cve/CVE-2014-1547"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1547"
    },
    {
      "cve": "CVE-2014-1549",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1549"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The mozilla::dom::AudioBufferSourceNodeEngine::CopyFromInputBuffer function in Mozilla Firefox before 31.0 and Thunderbird before 31.0 does not properly allocate Web Audio buffer memory, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via crafted audio content that is improperly handled during playback buffering.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1549",
          "url": "https://www.suse.com/security/cve/CVE-2014-1549"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 887746 for CVE-2014-1549",
          "url": "https://bugzilla.suse.com/887746"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1549"
    },
    {
      "cve": "CVE-2014-1550",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1550"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the MediaInputPort class in Mozilla Firefox before 31.0 and Thunderbird before 31.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging incorrect Web Audio control-message ordering.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1550",
          "url": "https://www.suse.com/security/cve/CVE-2014-1550"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 887746 for CVE-2014-1550",
          "url": "https://bugzilla.suse.com/887746"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1550"
    },
    {
      "cve": "CVE-2014-1552",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1552"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 31.0 and Thunderbird before 31.0 do not properly implement the sandbox attribute of the IFRAME element, which allows remote attackers to bypass intended restrictions on same-origin content via a crafted web site in conjunction with a redirect.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1552",
          "url": "https://www.suse.com/security/cve/CVE-2014-1552"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 887746 for CVE-2014-1552",
          "url": "https://bugzilla.suse.com/887746"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1552"
    },
    {
      "cve": "CVE-2014-1553",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1553"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1553",
          "url": "https://www.suse.com/security/cve/CVE-2014-1553"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 894370 for CVE-2014-1553",
          "url": "https://bugzilla.suse.com/894370"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1553"
    },
    {
      "cve": "CVE-2014-1555",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1555"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the nsDocLoader::OnProgress function in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allows remote attackers to execute arbitrary code via vectors that trigger a FireOnStateChange event.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1555",
          "url": "https://www.suse.com/security/cve/CVE-2014-1555"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 887746 for CVE-2014-1555",
          "url": "https://bugzilla.suse.com/887746"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1555"
    },
    {
      "cve": "CVE-2014-1556",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1556"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allow remote attackers to execute arbitrary code via crafted WebGL content constructed with the Cesium JavaScript library.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1556",
          "url": "https://www.suse.com/security/cve/CVE-2014-1556"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 887746 for CVE-2014-1556",
          "url": "https://bugzilla.suse.com/887746"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1556"
    },
    {
      "cve": "CVE-2014-1557",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1557"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The ConvolveHorizontally function in Skia, as used in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, does not properly handle the discarding of image data during function execution, which allows remote attackers to execute arbitrary code by triggering prolonged image scaling, as demonstrated by scaling of a high-quality image.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1557",
          "url": "https://www.suse.com/security/cve/CVE-2014-1557"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 887746 for CVE-2014-1557",
          "url": "https://bugzilla.suse.com/887746"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1557"
    },
    {
      "cve": "CVE-2014-1558",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1558"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (X.509 certificate parsing outage) via a crafted certificate that does not use UTF-8 character encoding in a required context, a different vulnerability than CVE-2014-1559.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1558",
          "url": "https://www.suse.com/security/cve/CVE-2014-1558"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 887746 for CVE-2014-1558",
          "url": "https://bugzilla.suse.com/887746"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1558"
    },
    {
      "cve": "CVE-2014-1561",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1561"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 31.0 does not properly restrict use of drag-and-drop events to spoof customization events, which allows remote attackers to alter the placement of UI icons via crafted JavaScript code that is encountered during (1) page, (2) panel, or (3) toolbar customization.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1561",
          "url": "https://www.suse.com/security/cve/CVE-2014-1561"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 887746 for CVE-2014-1561",
          "url": "https://bugzilla.suse.com/887746"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1561"
    },
    {
      "cve": "CVE-2014-1563",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1563"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation with DOM interaction that triggers incorrect cycle collection.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1563",
          "url": "https://www.suse.com/security/cve/CVE-2014-1563"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 894370 for CVE-2014-1563",
          "url": "https://bugzilla.suse.com/894370"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1563"
    },
    {
      "cve": "CVE-2014-1564",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1564"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 do not properly initialize memory for GIF rendering, which allows remote attackers to obtain sensitive information from process memory via crafted web script that interacts with a CANVAS element associated with a malformed GIF image.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1564",
          "url": "https://www.suse.com/security/cve/CVE-2014-1564"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 894370 for CVE-2014-1564",
          "url": "https://bugzilla.suse.com/894370"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1564"
    },
    {
      "cve": "CVE-2014-1565",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1565"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The mozilla::dom::AudioEventTimeline function in the Web Audio API implementation in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 does not properly create audio timelines, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via crafted API calls.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1565",
          "url": "https://www.suse.com/security/cve/CVE-2014-1565"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 894370 for CVE-2014-1565",
          "url": "https://bugzilla.suse.com/894370"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1565"
    },
    {
      "cve": "CVE-2014-1567",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1567"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in DirectionalityUtils.cpp in Mozilla Firefox before 32.0, Firefox ESR 24.x before 24.8 and 31.x before 31.1, and Thunderbird 24.x before 24.8 and 31.x before 31.1 allows remote attackers to execute arbitrary code via text that is improperly handled during the interaction between directionality resolution and layout.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1567",
          "url": "https://www.suse.com/security/cve/CVE-2014-1567"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 894370 for CVE-2014-1567",
          "url": "https://bugzilla.suse.com/894370"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2014-1567"
    },
    {
      "cve": "CVE-2014-1574",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1574"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1574",
          "url": "https://www.suse.com/security/cve/CVE-2014-1574"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 900941 for CVE-2014-1574",
          "url": "https://bugzilla.suse.com/900941"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2014-1574"
    },
    {
      "cve": "CVE-2014-1576",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1576"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap-based buffer overflow in the nsTransformedTextRun function in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to execute arbitrary code via Cascading Style Sheets (CSS) token sequences that trigger changes to capitalization style.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1576",
          "url": "https://www.suse.com/security/cve/CVE-2014-1576"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 900941 for CVE-2014-1576",
          "url": "https://bugzilla.suse.com/900941"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2014-1576"
    },
    {
      "cve": "CVE-2014-1577",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1577"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The mozilla::dom::OscillatorNodeEngine::ComputeCustom function in the Web Audio subsystem in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read, memory corruption, and application crash) via an invalid custom waveform that triggers a calculation of a negative frequency value.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1577",
          "url": "https://www.suse.com/security/cve/CVE-2014-1577"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 900941 for CVE-2014-1577",
          "url": "https://bugzilla.suse.com/900941"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2014-1577"
    },
    {
      "cve": "CVE-2014-1578",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1578"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The get_tile function in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly execute arbitrary code via WebM frames with invalid tile sizes that are improperly handled in buffering operations during video playback.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1578",
          "url": "https://www.suse.com/security/cve/CVE-2014-1578"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 900941 for CVE-2014-1578",
          "url": "https://bugzilla.suse.com/900941"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2014-1578"
    },
    {
      "cve": "CVE-2014-1580",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1580"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 33.0 does not properly initialize memory for GIF images, which allows remote attackers to obtain sensitive information from process memory via a crafted web page that triggers a sequence of rendering operations for truncated GIF data within a CANVAS element.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1580",
          "url": "https://www.suse.com/security/cve/CVE-2014-1580"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 900941 for CVE-2014-1580",
          "url": "https://bugzilla.suse.com/900941"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2014-1580"
    },
    {
      "cve": "CVE-2014-1581",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1581"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in DirectionalityUtils.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to execute arbitrary code via text that is improperly handled during the interaction between directionality resolution and layout.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1581",
          "url": "https://www.suse.com/security/cve/CVE-2014-1581"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 900941 for CVE-2014-1581",
          "url": "https://bugzilla.suse.com/900941"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2014-1581"
    },
    {
      "cve": "CVE-2014-1582",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1582"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Public Key Pinning (PKP) implementation in Mozilla Firefox before 33.0 does not properly consider the connection-coalescing behavior of SPDY and HTTP/2 in the case of a shared IP address, which allows man-in-the-middle attackers to bypass an intended pinning configuration and spoof a web site by providing a valid certificate from an arbitrary recognized Certification Authority.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1582",
          "url": "https://www.suse.com/security/cve/CVE-2014-1582"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 900941 for CVE-2014-1582",
          "url": "https://bugzilla.suse.com/900941"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2014-1582"
    },
    {
      "cve": "CVE-2014-1583",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1583"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Alarm API in Mozilla Firefox before 33.0 and Firefox ESR 31.x before 31.2 does not properly restrict toJSON calls, which allows remote attackers to bypass the Same Origin Policy via crafted API calls that access sensitive information within the JSON data of an alarm.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1583",
          "url": "https://www.suse.com/security/cve/CVE-2014-1583"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 900941 for CVE-2014-1583",
          "url": "https://bugzilla.suse.com/900941"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2014-1583"
    },
    {
      "cve": "CVE-2014-1585",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1585"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The WebRTC video-sharing feature in dom/media/MediaManager.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not properly recognize Stop Sharing actions for videos in IFRAME elements, which allows remote attackers to obtain sensitive information from the local camera by maintaining a session after the user tries to discontinue streaming.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1585",
          "url": "https://www.suse.com/security/cve/CVE-2014-1585"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 900941 for CVE-2014-1585",
          "url": "https://bugzilla.suse.com/900941"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2014-1585"
    },
    {
      "cve": "CVE-2014-1587",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1587"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1587",
          "url": "https://www.suse.com/security/cve/CVE-2014-1587"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 908009 for CVE-2014-1587",
          "url": "https://bugzilla.suse.com/908009"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2014-1587"
    },
    {
      "cve": "CVE-2014-1589",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1589"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 34.0 and SeaMonkey before 2.31 provide stylesheets with an incorrect primary namespace, which allows remote attackers to bypass intended access restrictions via an XBL binding.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1589",
          "url": "https://www.suse.com/security/cve/CVE-2014-1589"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 908009 for CVE-2014-1589",
          "url": "https://bugzilla.suse.com/908009"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2014-1589"
    },
    {
      "cve": "CVE-2014-1590",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1590"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The XMLHttpRequest.prototype.send method in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allows remote attackers to cause a denial of service (application crash) via a crafted JavaScript object.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1590",
          "url": "https://www.suse.com/security/cve/CVE-2014-1590"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 908009 for CVE-2014-1590",
          "url": "https://bugzilla.suse.com/908009"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2014-1590"
    },
    {
      "cve": "CVE-2014-1591",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1591"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox 33.0 and SeaMonkey before 2.31 include path strings in CSP violation reports, which allows remote attackers to obtain sensitive information via a web site that receives a report after a redirect.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1591",
          "url": "https://www.suse.com/security/cve/CVE-2014-1591"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 908009 for CVE-2014-1591",
          "url": "https://bugzilla.suse.com/908009"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2014-1591"
    },
    {
      "cve": "CVE-2014-1592",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1592"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the nsHtml5TreeOperation function in xul.dll in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allows remote attackers to execute arbitrary code by adding a second root element to an HTML5 document during parsing.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1592",
          "url": "https://www.suse.com/security/cve/CVE-2014-1592"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 908009 for CVE-2014-1592",
          "url": "https://bugzilla.suse.com/908009"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2014-1592"
    },
    {
      "cve": "CVE-2014-1593",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1593"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Stack-based buffer overflow in the mozilla::FileBlockCache::Read function in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allows remote attackers to execute arbitrary code via crafted media content.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1593",
          "url": "https://www.suse.com/security/cve/CVE-2014-1593"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 908009 for CVE-2014-1593",
          "url": "https://bugzilla.suse.com/908009"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2014-1593"
    },
    {
      "cve": "CVE-2014-1594",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-1594"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 might allow remote attackers to execute arbitrary code by leveraging an incorrect cast from the BasicThebesLayer data type to the BasicContainerLayer data type.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-1594",
          "url": "https://www.suse.com/security/cve/CVE-2014-1594"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 908009 for CVE-2014-1594",
          "url": "https://bugzilla.suse.com/908009"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2014-1594"
    },
    {
      "cve": "CVE-2014-8634",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-8634"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-8634",
          "url": "https://www.suse.com/security/cve/CVE-2014-8634"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 913064 for CVE-2014-8634",
          "url": "https://bugzilla.suse.com/913064"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 913096 for CVE-2014-8634",
          "url": "https://bugzilla.suse.com/913096"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2014-8634"
    },
    {
      "cve": "CVE-2014-8636",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-8636"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The XrayWrapper implementation in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 does not properly interact with a DOM object that has a named getter, which might allow remote attackers to execute arbitrary JavaScript code with chrome privileges via unspecified vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-8636",
          "url": "https://www.suse.com/security/cve/CVE-2014-8636"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 913096 for CVE-2014-8636",
          "url": "https://bugzilla.suse.com/913096"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 913102 for CVE-2014-8636",
          "url": "https://bugzilla.suse.com/913102"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2014-8636"
    },
    {
      "cve": "CVE-2014-8637",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-8637"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 35.0 and SeaMonkey before 2.32 do not properly initialize memory for BMP images, which allows remote attackers to obtain sensitive information from process memory via a crafted web page that triggers the rendering of malformed BMP data within a CANVAS element.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-8637",
          "url": "https://www.suse.com/security/cve/CVE-2014-8637"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 913096 for CVE-2014-8637",
          "url": "https://bugzilla.suse.com/913096"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 913103 for CVE-2014-8637",
          "url": "https://bugzilla.suse.com/913103"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2014-8637"
    },
    {
      "cve": "CVE-2014-8638",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-8638"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The navigator.sendBeacon implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 omits the CORS Origin header, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-8638",
          "url": "https://www.suse.com/security/cve/CVE-2014-8638"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 913068 for CVE-2014-8638",
          "url": "https://bugzilla.suse.com/913068"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 913096 for CVE-2014-8638",
          "url": "https://bugzilla.suse.com/913096"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2014-8638"
    },
    {
      "cve": "CVE-2014-8639",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-8639"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 do not properly interpret Set-Cookie headers within responses that have a 407 (aka Proxy Authentication Required) status code, which allows remote HTTP proxy servers to conduct session fixation attacks by providing a cookie name that corresponds to the session cookie of the origin server.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-8639",
          "url": "https://www.suse.com/security/cve/CVE-2014-8639"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 913066 for CVE-2014-8639",
          "url": "https://bugzilla.suse.com/913066"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 913096 for CVE-2014-8639",
          "url": "https://bugzilla.suse.com/913096"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2014-8639"
    },
    {
      "cve": "CVE-2014-8640",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-8640"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The mozilla::dom::AudioParamTimeline::AudioNodeInputValue function in the Web Audio API implementation in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 does not properly restrict timeline operations, which allows remote attackers to cause a denial of service (uninitialized-memory read and application crash) via crafted API calls.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-8640",
          "url": "https://www.suse.com/security/cve/CVE-2014-8640"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 913096 for CVE-2014-8640",
          "url": "https://bugzilla.suse.com/913096"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 913104 for CVE-2014-8640",
          "url": "https://bugzilla.suse.com/913104"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2014-8640"
    },
    {
      "cve": "CVE-2014-8641",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-8641"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the WebRTC implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, and SeaMonkey before 2.32 allows remote attackers to execute arbitrary code via crafted track data.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-8641",
          "url": "https://www.suse.com/security/cve/CVE-2014-8641"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 913067 for CVE-2014-8641",
          "url": "https://bugzilla.suse.com/913067"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 913096 for CVE-2014-8641",
          "url": "https://bugzilla.suse.com/913096"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2014-8641"
    },
    {
      "cve": "CVE-2014-8642",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-8642"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 35.0 and SeaMonkey before 2.32 do not consider the id-pkix-ocsp-nocheck extension in deciding whether to trust an OCSP responder, which makes it easier for remote attackers to obtain sensitive information by sniffing the network during a session in which there was an incorrect decision to accept a compromised and revoked certificate.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-8642",
          "url": "https://www.suse.com/security/cve/CVE-2014-8642"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 913222 for CVE-2014-8642",
          "url": "https://bugzilla.suse.com/913222"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2014-8642"
    },
    {
      "cve": "CVE-2014-8643",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-8643"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 35.0 on Windows allows remote attackers to bypass the Gecko Media Plugin (GMP) sandbox protection mechanism by leveraging access to the GMP process, as demonstrated by the OpenH264 plugin\u0027s process.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-8643",
          "url": "https://www.suse.com/security/cve/CVE-2014-8643"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2014-8643"
    },
    {
      "cve": "CVE-2015-0798",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-0798"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Reader mode feature in Mozilla Firefox before 37.0.1 on Android, and Desktop Firefox pre-release, does not properly handle privileged URLs, which makes it easier for remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging the ability to bypass the Same Origin Policy.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-0798",
          "url": "https://www.suse.com/security/cve/CVE-2015-0798"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-0798"
    },
    {
      "cve": "CVE-2015-0799",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-0799"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The HTTP Alternative Services feature in Mozilla Firefox before 37.0.1 allows man-in-the-middle attackers to bypass an intended X.509 certificate-verification step for an SSL server by specifying that server in the uri-host field of an Alt-Svc HTTP/2 response header.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-0799",
          "url": "https://www.suse.com/security/cve/CVE-2015-0799"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 925368 for CVE-2015-0799",
          "url": "https://bugzilla.suse.com/925368"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 926166 for CVE-2015-0799",
          "url": "https://bugzilla.suse.com/926166"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-0799"
    },
    {
      "cve": "CVE-2015-0800",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-0800"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The PRNG implementation in the DNS resolver in Mozilla Firefox (aka Fennec) before 37.0 on Android does not properly generate random numbers for query ID values and UDP source ports, which makes it easier for remote attackers to spoof DNS responses by guessing these numbers, a related issue to CVE-2012-2808.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-0800",
          "url": "https://www.suse.com/security/cve/CVE-2015-0800"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-0800"
    },
    {
      "cve": "CVE-2015-0801",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-0801"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 allow remote attackers to bypass the Same Origin Policy and execute arbitrary JavaScript code with chrome privileges via vectors involving anchor navigation, a similar issue to CVE-2015-0818.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-0801",
          "url": "https://www.suse.com/security/cve/CVE-2015-0801"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 925368 for CVE-2015-0801",
          "url": "https://bugzilla.suse.com/925368"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 925401 for CVE-2015-0801",
          "url": "https://bugzilla.suse.com/925401"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-0801"
    },
    {
      "cve": "CVE-2015-0802",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-0802"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 37.0 relies on docshell type information instead of page principal information for Window.webidl access control, which might allow remote attackers to execute arbitrary JavaScript code with chrome privileges via certain content navigation that leverages the reachability of a privileged window with an unintended persistence of access to restricted internal methods.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-0802",
          "url": "https://www.suse.com/security/cve/CVE-2015-0802"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 925368 for CVE-2015-0802",
          "url": "https://bugzilla.suse.com/925368"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 925402 for CVE-2015-0802",
          "url": "https://bugzilla.suse.com/925402"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-0802"
    },
    {
      "cve": "CVE-2015-0803",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-0803"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The HTMLSourceElement::AfterSetAttr function in Mozilla Firefox before 37.0 does not properly constrain the original data type of a casted value during the setting of a SOURCE element\u0027s attributes, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via a crafted HTML document.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-0803",
          "url": "https://www.suse.com/security/cve/CVE-2015-0803"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 925368 for CVE-2015-0803",
          "url": "https://bugzilla.suse.com/925368"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 925400 for CVE-2015-0803",
          "url": "https://bugzilla.suse.com/925400"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-0803"
    },
    {
      "cve": "CVE-2015-0805",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-0805"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Off Main Thread Compositing (OMTC) implementation in Mozilla Firefox before 37.0 makes an incorrect memset call during interaction with the mozilla::layers::BufferTextureClient::AllocateForSurface function, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors that trigger rendering of 2D graphics content.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-0805",
          "url": "https://www.suse.com/security/cve/CVE-2015-0805"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 925368 for CVE-2015-0805",
          "url": "https://bugzilla.suse.com/925368"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 925399 for CVE-2015-0805",
          "url": "https://bugzilla.suse.com/925399"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-0805"
    },
    {
      "cve": "CVE-2015-0807",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-0807"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The navigator.sendBeacon implementation in Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 processes HTTP 30x status codes for redirects after a preflight request has occurred, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site, a similar issue to CVE-2014-8638.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-0807",
          "url": "https://www.suse.com/security/cve/CVE-2015-0807"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 913068 for CVE-2015-0807",
          "url": "https://bugzilla.suse.com/913068"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 925368 for CVE-2015-0807",
          "url": "https://bugzilla.suse.com/925368"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 925398 for CVE-2015-0807",
          "url": "https://bugzilla.suse.com/925398"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-0807"
    },
    {
      "cve": "CVE-2015-0808",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-0808"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The webrtc::VPMContentAnalysis::Release function in the WebRTC implementation in Mozilla Firefox before 37.0 uses incompatible approaches to the deallocation of memory for simple-type arrays, which might allow remote attackers to cause a denial of service (memory corruption) via unspecified vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-0808",
          "url": "https://www.suse.com/security/cve/CVE-2015-0808"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 925368 for CVE-2015-0808",
          "url": "https://bugzilla.suse.com/925368"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 925397 for CVE-2015-0808",
          "url": "https://bugzilla.suse.com/925397"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-0808"
    },
    {
      "cve": "CVE-2015-0810",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-0810"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 37.0 on OS X does not ensure that the cursor is visible, which allows remote attackers to conduct clickjacking attacks via a Flash object in conjunction with DIV elements associated with layered presentation, and crafted JavaScript code that interacts with an IMG element.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-0810",
          "url": "https://www.suse.com/security/cve/CVE-2015-0810"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-0810"
    },
    {
      "cve": "CVE-2015-0811",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-0811"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The QCMS implementation in Mozilla Firefox before 37.0 allows remote attackers to obtain sensitive information from process heap memory or cause a denial of service (out-of-bounds read) via an image that is improperly handled during transformation.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-0811",
          "url": "https://www.suse.com/security/cve/CVE-2015-0811"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 925368 for CVE-2015-0811",
          "url": "https://bugzilla.suse.com/925368"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 925396 for CVE-2015-0811",
          "url": "https://bugzilla.suse.com/925396"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-0811"
    },
    {
      "cve": "CVE-2015-0812",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-0812"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 37.0 does not require an HTTPS session for lightweight theme add-on installations, which allows man-in-the-middle attackers to bypass an intended user-confirmation requirement by deploying a crafted web site and conducting a DNS spoofing attack against a mozilla.org subdomain.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-0812",
          "url": "https://www.suse.com/security/cve/CVE-2015-0812"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 925368 for CVE-2015-0812",
          "url": "https://bugzilla.suse.com/925368"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 925394 for CVE-2015-0812",
          "url": "https://bugzilla.suse.com/925394"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-0812"
    },
    {
      "cve": "CVE-2015-0813",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-0813"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the AppendElements function in Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 on Linux, when the Fluendo MP3 plugin for GStreamer is used, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted MP3 file.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-0813",
          "url": "https://www.suse.com/security/cve/CVE-2015-0813"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 925368 for CVE-2015-0813",
          "url": "https://bugzilla.suse.com/925368"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 925393 for CVE-2015-0813",
          "url": "https://bugzilla.suse.com/925393"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-0813"
    },
    {
      "cve": "CVE-2015-0814",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-0814"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 37.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-0814",
          "url": "https://www.suse.com/security/cve/CVE-2015-0814"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 925368 for CVE-2015-0814",
          "url": "https://bugzilla.suse.com/925368"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 925392 for CVE-2015-0814",
          "url": "https://bugzilla.suse.com/925392"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-0814"
    },
    {
      "cve": "CVE-2015-0816",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-0816"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 do not properly restrict resource: URLs, which makes it easier for remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging the ability to bypass the Same Origin Policy, as demonstrated by the resource: URL associated with PDF.js.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-0816",
          "url": "https://www.suse.com/security/cve/CVE-2015-0816"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 925368 for CVE-2015-0816",
          "url": "https://bugzilla.suse.com/925368"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 925395 for CVE-2015-0816",
          "url": "https://bugzilla.suse.com/925395"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-0816"
    },
    {
      "cve": "CVE-2015-0817",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-0817"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The asm.js implementation in Mozilla Firefox before 36.0.3, Firefox ESR 31.x before 31.5.2, and SeaMonkey before 2.33.1 does not properly determine the cases in which bounds checking may be safely skipped during JIT compilation and heap access, which allows remote attackers to read or write to unintended memory locations, and consequently execute arbitrary code, via crafted JavaScript.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-0817",
          "url": "https://www.suse.com/security/cve/CVE-2015-0817"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 923495 for CVE-2015-0817",
          "url": "https://bugzilla.suse.com/923495"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 923534 for CVE-2015-0817",
          "url": "https://bugzilla.suse.com/923534"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-0817"
    },
    {
      "cve": "CVE-2015-0818",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-0818"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 36.0.4, Firefox ESR 31.x before 31.5.3, and SeaMonkey before 2.33.1 allow remote attackers to bypass the Same Origin Policy and execute arbitrary JavaScript code with chrome privileges via vectors involving SVG hash navigation.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-0818",
          "url": "https://www.suse.com/security/cve/CVE-2015-0818"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 923495 for CVE-2015-0818",
          "url": "https://bugzilla.suse.com/923495"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 923534 for CVE-2015-0818",
          "url": "https://bugzilla.suse.com/923534"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-0818"
    },
    {
      "cve": "CVE-2015-0819",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-0819"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The UITour::onPageEvent function in Mozilla Firefox before 36.0 does not ensure that an API call originates from a foreground tab, which allows remote attackers to conduct spoofing and clickjacking attacks by leveraging access to a UI Tour web site.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-0819",
          "url": "https://www.suse.com/security/cve/CVE-2015-0819"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 917597 for CVE-2015-0819",
          "url": "https://bugzilla.suse.com/917597"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-0819"
    },
    {
      "cve": "CVE-2015-0820",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-0820"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 36.0 does not properly restrict transitions of JavaScript objects from a non-extensible state to an extensible state, which allows remote attackers to bypass a Caja Compiler sandbox protection mechanism or a Secure EcmaScript sandbox protection mechanism via a crafted web site.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-0820",
          "url": "https://www.suse.com/security/cve/CVE-2015-0820"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 917597 for CVE-2015-0820",
          "url": "https://bugzilla.suse.com/917597"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-0820"
    },
    {
      "cve": "CVE-2015-0821",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-0821"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 36.0 allows user-assisted remote attackers to read arbitrary files or execute arbitrary JavaScript code with chrome privileges via a crafted web site that is accessed with unspecified mouse and keyboard actions.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-0821",
          "url": "https://www.suse.com/security/cve/CVE-2015-0821"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 917597 for CVE-2015-0821",
          "url": "https://bugzilla.suse.com/917597"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-0821"
    },
    {
      "cve": "CVE-2015-0822",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-0822"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Form Autocompletion feature in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to read arbitrary files via crafted JavaScript code.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-0822",
          "url": "https://www.suse.com/security/cve/CVE-2015-0822"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 910669 for CVE-2015-0822",
          "url": "https://bugzilla.suse.com/910669"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 917597 for CVE-2015-0822",
          "url": "https://bugzilla.suse.com/917597"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 923534 for CVE-2015-0822",
          "url": "https://bugzilla.suse.com/923534"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 924515 for CVE-2015-0822",
          "url": "https://bugzilla.suse.com/924515"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-0822"
    },
    {
      "cve": "CVE-2015-0823",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-0823"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple use-after-free vulnerabilities in OpenType Sanitiser, as used in Mozilla Firefox before 36.0, might allow remote attackers to trigger problematic Developer Console information or possibly have unspecified other impact by leveraging incorrect macro expansion, related to the ots::ots_gasp_parse function.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-0823",
          "url": "https://www.suse.com/security/cve/CVE-2015-0823"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 917597 for CVE-2015-0823",
          "url": "https://bugzilla.suse.com/917597"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-0823"
    },
    {
      "cve": "CVE-2015-0824",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-0824"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The mozilla::layers::BufferTextureClient::AllocateForSurface function in Mozilla Firefox before 36.0 allows remote attackers to cause a denial of service (out-of-bounds write of zero values, and application crash) via vectors that trigger use of DrawTarget and the Cairo library for image drawing.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-0824",
          "url": "https://www.suse.com/security/cve/CVE-2015-0824"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 917597 for CVE-2015-0824",
          "url": "https://bugzilla.suse.com/917597"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-0824"
    },
    {
      "cve": "CVE-2015-0825",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-0825"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Stack-based buffer underflow in the mozilla::MP3FrameParser::ParseBuffer function in Mozilla Firefox before 36.0 allows remote attackers to obtain sensitive information from process memory via a malformed MP3 file that improperly interacts with memory allocation during playback.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-0825",
          "url": "https://www.suse.com/security/cve/CVE-2015-0825"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 917597 for CVE-2015-0825",
          "url": "https://bugzilla.suse.com/917597"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-0825"
    },
    {
      "cve": "CVE-2015-0826",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-0826"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The nsTransformedTextRun::SetCapitalization function in Mozilla Firefox before 36.0 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read of heap memory) via a crafted Cascading Style Sheets (CSS) token sequence that triggers a restyle or reflow operation.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-0826",
          "url": "https://www.suse.com/security/cve/CVE-2015-0826"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 917597 for CVE-2015-0826",
          "url": "https://bugzilla.suse.com/917597"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-0826"
    },
    {
      "cve": "CVE-2015-0827",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-0827"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap-based buffer overflow in the mozilla::gfx::CopyRect function in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to obtain sensitive information from uninitialized process memory via a malformed SVG graphic.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-0827",
          "url": "https://www.suse.com/security/cve/CVE-2015-0827"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 910669 for CVE-2015-0827",
          "url": "https://bugzilla.suse.com/910669"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 917597 for CVE-2015-0827",
          "url": "https://bugzilla.suse.com/917597"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 923534 for CVE-2015-0827",
          "url": "https://bugzilla.suse.com/923534"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 924515 for CVE-2015-0827",
          "url": "https://bugzilla.suse.com/924515"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-0827"
    },
    {
      "cve": "CVE-2015-0828",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-0828"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Double free vulnerability in the nsXMLHttpRequest::GetResponse function in Mozilla Firefox before 36.0, when a nonstandard memory allocator is used, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted JavaScript code that makes an XMLHttpRequest call with zero bytes of data.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-0828",
          "url": "https://www.suse.com/security/cve/CVE-2015-0828"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 917597 for CVE-2015-0828",
          "url": "https://bugzilla.suse.com/917597"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-0828"
    },
    {
      "cve": "CVE-2015-0829",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-0829"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Buffer overflow in libstagefright in Mozilla Firefox before 36.0 allows remote attackers to execute arbitrary code via a crafted MP4 video that is improperly handled during playback.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-0829",
          "url": "https://www.suse.com/security/cve/CVE-2015-0829"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 917597 for CVE-2015-0829",
          "url": "https://bugzilla.suse.com/917597"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-0829"
    },
    {
      "cve": "CVE-2015-0830",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-0830"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The WebGL implementation in Mozilla Firefox before 36.0 does not properly allocate memory for copying an unspecified string to a shader\u0027s compilation log, which allows remote attackers to cause a denial of service (application crash) via crafted WebGL content.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-0830",
          "url": "https://www.suse.com/security/cve/CVE-2015-0830"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 917597 for CVE-2015-0830",
          "url": "https://bugzilla.suse.com/917597"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-0830"
    },
    {
      "cve": "CVE-2015-0831",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-0831"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the mozilla::dom::IndexedDB::IDBObjectStore::CreateIndex function in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted content that is improperly handled during IndexedDB index creation.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-0831",
          "url": "https://www.suse.com/security/cve/CVE-2015-0831"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 910669 for CVE-2015-0831",
          "url": "https://bugzilla.suse.com/910669"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 917597 for CVE-2015-0831",
          "url": "https://bugzilla.suse.com/917597"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 923534 for CVE-2015-0831",
          "url": "https://bugzilla.suse.com/923534"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 924515 for CVE-2015-0831",
          "url": "https://bugzilla.suse.com/924515"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-0831"
    },
    {
      "cve": "CVE-2015-0832",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-0832"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 36.0 does not properly recognize the equivalence of domain names with and without a trailing . (dot) character, which allows man-in-the-middle attackers to bypass the HPKP and HSTS protection mechanisms by constructing a URL with this character and leveraging access to an X.509 certificate for a domain with this character.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-0832",
          "url": "https://www.suse.com/security/cve/CVE-2015-0832"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 917597 for CVE-2015-0832",
          "url": "https://bugzilla.suse.com/917597"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-0832"
    },
    {
      "cve": "CVE-2015-0833",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-0833"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple untrusted search path vulnerabilities in updater.exe in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 on Windows, when the Maintenance Service is not used, allow local users to gain privileges via a Trojan horse DLL in (1) the current working directory or (2) a temporary directory, as demonstrated by bcrypt.dll.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-0833",
          "url": "https://www.suse.com/security/cve/CVE-2015-0833"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 923534 for CVE-2015-0833",
          "url": "https://bugzilla.suse.com/923534"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-0833"
    },
    {
      "cve": "CVE-2015-0834",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-0834"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The WebRTC subsystem in Mozilla Firefox before 36.0 recognizes turns: and stuns: URIs but accesses the TURN or STUN server without using TLS, which makes it easier for man-in-the-middle attackers to discover credentials by spoofing a server and completing a brute-force attack within a short time window.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-0834",
          "url": "https://www.suse.com/security/cve/CVE-2015-0834"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 917597 for CVE-2015-0834",
          "url": "https://bugzilla.suse.com/917597"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-0834"
    },
    {
      "cve": "CVE-2015-0835",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-0835"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 36.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-0835",
          "url": "https://www.suse.com/security/cve/CVE-2015-0835"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 910669 for CVE-2015-0835",
          "url": "https://bugzilla.suse.com/910669"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 917597 for CVE-2015-0835",
          "url": "https://bugzilla.suse.com/917597"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 924515 for CVE-2015-0835",
          "url": "https://bugzilla.suse.com/924515"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-0835"
    },
    {
      "cve": "CVE-2015-2706",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-2706"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Race condition in the AsyncPaintWaitEvent::AsyncPaintWaitEvent function in Mozilla Firefox before 37.0.2 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via a crafted plugin that does not properly complete initialization.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-2706",
          "url": "https://www.suse.com/security/cve/CVE-2015-2706"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 928116 for CVE-2015-2706",
          "url": "https://bugzilla.suse.com/928116"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-2706"
    },
    {
      "cve": "CVE-2015-2708",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-2708"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-2708",
          "url": "https://www.suse.com/security/cve/CVE-2015-2708"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 930622 for CVE-2015-2708",
          "url": "https://bugzilla.suse.com/930622"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-2708"
    },
    {
      "cve": "CVE-2015-2710",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-2710"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap-based buffer overflow in the SVGTextFrame class in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code via crafted SVG graphics data in conjunction with a crafted Cascading Style Sheets (CSS) token sequence.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-2710",
          "url": "https://www.suse.com/security/cve/CVE-2015-2710"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 930622 for CVE-2015-2710",
          "url": "https://bugzilla.suse.com/930622"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-2710"
    },
    {
      "cve": "CVE-2015-2711",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-2711"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 38.0 does not recognize a referrer policy delivered by a referrer META element in cases of context-menu navigation and middle-click navigation, which allows remote attackers to obtain sensitive information by reading web-server Referer logs that contain private data in a URL, as demonstrated by a private path component.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-2711",
          "url": "https://www.suse.com/security/cve/CVE-2015-2711"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 930622 for CVE-2015-2711",
          "url": "https://bugzilla.suse.com/930622"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-2711"
    },
    {
      "cve": "CVE-2015-2712",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-2712"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The asm.js implementation in Mozilla Firefox before 38.0 does not properly determine heap lengths during identification of cases in which bounds checking may be safely skipped, which allows remote attackers to trigger out-of-bounds write operations and possibly execute arbitrary code, or trigger out-of-bounds read operations and possibly obtain sensitive information from process memory, via crafted JavaScript.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-2712",
          "url": "https://www.suse.com/security/cve/CVE-2015-2712"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 930622 for CVE-2015-2712",
          "url": "https://bugzilla.suse.com/930622"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-2712"
    },
    {
      "cve": "CVE-2015-2713",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-2713"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the SetBreaks function in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a document containing crafted text in conjunction with a Cascading Style Sheets (CSS) token sequence containing properties related to vertical text.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-2713",
          "url": "https://www.suse.com/security/cve/CVE-2015-2713"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 930622 for CVE-2015-2713",
          "url": "https://bugzilla.suse.com/930622"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-2713"
    },
    {
      "cve": "CVE-2015-2715",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-2715"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Race condition in the nsThreadManager::RegisterCurrentThread function in Mozilla Firefox before 38.0 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and heap memory corruption) by leveraging improper Media Decoder Thread creation at the time of a shutdown.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-2715",
          "url": "https://www.suse.com/security/cve/CVE-2015-2715"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 930622 for CVE-2015-2715",
          "url": "https://bugzilla.suse.com/930622"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-2715"
    },
    {
      "cve": "CVE-2015-2716",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-2716"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Buffer overflow in the XML parser in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code by providing a large amount of compressed XML data, a related issue to CVE-2015-1283.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-2716",
          "url": "https://www.suse.com/security/cve/CVE-2015-2716"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 930622 for CVE-2015-2716",
          "url": "https://bugzilla.suse.com/930622"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 939077 for CVE-2015-2716",
          "url": "https://bugzilla.suse.com/939077"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 980391 for CVE-2015-2716",
          "url": "https://bugzilla.suse.com/980391"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 983985 for CVE-2015-2716",
          "url": "https://bugzilla.suse.com/983985"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-2716"
    },
    {
      "cve": "CVE-2015-2717",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-2717"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Integer overflow in libstagefright in Mozilla Firefox before 38.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and out-of-bounds read) via an MP4 video file containing invalid metadata.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-2717",
          "url": "https://www.suse.com/security/cve/CVE-2015-2717"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 930622 for CVE-2015-2717",
          "url": "https://bugzilla.suse.com/930622"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-2717"
    },
    {
      "cve": "CVE-2015-2718",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-2718"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The WebChannel.jsm module in Mozilla Firefox before 38.0 allows remote attackers to bypass the Same Origin Policy and obtain sensitive webchannel-response data via a crafted web site containing an IFRAME element referencing a different web site that is intended to read this data.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-2718",
          "url": "https://www.suse.com/security/cve/CVE-2015-2718"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 930622 for CVE-2015-2718",
          "url": "https://bugzilla.suse.com/930622"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-2718"
    },
    {
      "cve": "CVE-2015-2721",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-2721"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Network Security Services (NSS) before 3.19, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, Thunderbird before 38.1, and other products, does not properly determine state transitions for the TLS state machine, which allows man-in-the-middle attackers to defeat cryptographic protection mechanisms by blocking messages, as demonstrated by removing a forward-secrecy property by blocking a ServerKeyExchange message, aka a \"SMACK SKIP-TLS\" issue.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-2721",
          "url": "https://www.suse.com/security/cve/CVE-2015-2721"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 935979 for CVE-2015-2721",
          "url": "https://bugzilla.suse.com/935979"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2015-2721"
    },
    {
      "cve": "CVE-2015-2722",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-2722"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 allows remote attackers to execute arbitrary code via vectors involving attachment of an XMLHttpRequest object to a shared worker.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-2722",
          "url": "https://www.suse.com/security/cve/CVE-2015-2722"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 935979 for CVE-2015-2722",
          "url": "https://bugzilla.suse.com/935979"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2015-2722"
    },
    {
      "cve": "CVE-2015-2724",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-2724"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-2724",
          "url": "https://www.suse.com/security/cve/CVE-2015-2724"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 935979 for CVE-2015-2724",
          "url": "https://bugzilla.suse.com/935979"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2015-2724"
    },
    {
      "cve": "CVE-2015-2727",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-2727"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox 38.0 and Firefox ESR 38.0 allow user-assisted remote attackers to read arbitrary files or execute arbitrary JavaScript code with chrome privileges via a crafted web site that is accessed with unspecified mouse and keyboard actions.  NOTE: this vulnerability exists because of a CVE-2015-0821 regression.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-2727",
          "url": "https://www.suse.com/security/cve/CVE-2015-2727"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 935979 for CVE-2015-2727",
          "url": "https://bugzilla.suse.com/935979"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2015-2727"
    },
    {
      "cve": "CVE-2015-2728",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-2728"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The IndexedDatabaseManager class in the IndexedDB implementation in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 misinterprets an unspecified IDBDatabase field as a pointer, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors, related to a \"type confusion\" issue.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-2728",
          "url": "https://www.suse.com/security/cve/CVE-2015-2728"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 935979 for CVE-2015-2728",
          "url": "https://bugzilla.suse.com/935979"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2015-2728"
    },
    {
      "cve": "CVE-2015-2729",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-2729"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The AudioParamTimeline::AudioNodeInputValue function in the Web Audio implementation in Mozilla Firefox before 39.0 and Firefox ESR 38.x before 38.1 does not properly calculate an oscillator rendering range, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via unspecified vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-2729",
          "url": "https://www.suse.com/security/cve/CVE-2015-2729"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 935979 for CVE-2015-2729",
          "url": "https://bugzilla.suse.com/935979"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2015-2729"
    },
    {
      "cve": "CVE-2015-2730",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-2730"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Network Security Services (NSS) before 3.19.1, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and other products, does not properly perform Elliptical Curve Cryptography (ECC) multiplications, which makes it easier for remote attackers to spoof ECDSA signatures via unspecified vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-2730",
          "url": "https://www.suse.com/security/cve/CVE-2015-2730"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 935979 for CVE-2015-2730",
          "url": "https://bugzilla.suse.com/935979"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2015-2730"
    },
    {
      "cve": "CVE-2015-2731",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-2731"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the CSPService::ShouldLoad function in the microtask implementation in Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 allows remote attackers to execute arbitrary code by leveraging client-side JavaScript that triggers removal of a DOM object on the basis of a Content Policy.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-2731",
          "url": "https://www.suse.com/security/cve/CVE-2015-2731"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 935979 for CVE-2015-2731",
          "url": "https://bugzilla.suse.com/935979"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2015-2731"
    },
    {
      "cve": "CVE-2015-2734",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-2734"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The CairoTextureClientD3D9::BorrowDrawTarget function in the Direct3D 9 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-2734",
          "url": "https://www.suse.com/security/cve/CVE-2015-2734"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 935979 for CVE-2015-2734",
          "url": "https://bugzilla.suse.com/935979"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2015-2734"
    },
    {
      "cve": "CVE-2015-2738",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-2738"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The YCbCrImageDataDeserializer::ToDataSourceSurface function in the YCbCr implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-2738",
          "url": "https://www.suse.com/security/cve/CVE-2015-2738"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 935979 for CVE-2015-2738",
          "url": "https://bugzilla.suse.com/935979"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2015-2738"
    },
    {
      "cve": "CVE-2015-2741",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-2741"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 do not enforce key pinning upon encountering an X.509 certificate problem that generates a user dialog, which allows user-assisted man-in-the-middle attackers to bypass intended access restrictions by triggering a (1) expired certificate or (2) mismatched hostname for a domain with pinning enabled.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-2741",
          "url": "https://www.suse.com/security/cve/CVE-2015-2741"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 935979 for CVE-2015-2741",
          "url": "https://bugzilla.suse.com/935979"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2015-2741"
    },
    {
      "cve": "CVE-2015-2742",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-2742"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 39.0 on OS X includes native key press information during the logging of crashes, which allows remote attackers to obtain sensitive information by leveraging access to a crash-reporting data stream.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-2742",
          "url": "https://www.suse.com/security/cve/CVE-2015-2742"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 935979 for CVE-2015-2742",
          "url": "https://bugzilla.suse.com/935979"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2015-2742"
    },
    {
      "cve": "CVE-2015-2743",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-2743"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "PDF.js in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 enables excessive privileges for internal Workers, which might allow remote attackers to execute arbitrary code by leveraging a Same Origin Policy bypass.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-2743",
          "url": "https://www.suse.com/security/cve/CVE-2015-2743"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 935979 for CVE-2015-2743",
          "url": "https://bugzilla.suse.com/935979"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2015-2743"
    },
    {
      "cve": "CVE-2015-4000",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-4000"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the \"Logjam\" issue.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-4000",
          "url": "https://www.suse.com/security/cve/CVE-2015-4000"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1074631 for CVE-2015-4000",
          "url": "https://bugzilla.suse.com/1074631"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1211968 for CVE-2015-4000",
          "url": "https://bugzilla.suse.com/1211968"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 931600 for CVE-2015-4000",
          "url": "https://bugzilla.suse.com/931600"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 931698 for CVE-2015-4000",
          "url": "https://bugzilla.suse.com/931698"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 931723 for CVE-2015-4000",
          "url": "https://bugzilla.suse.com/931723"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 931845 for CVE-2015-4000",
          "url": "https://bugzilla.suse.com/931845"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 932026 for CVE-2015-4000",
          "url": "https://bugzilla.suse.com/932026"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 932483 for CVE-2015-4000",
          "url": "https://bugzilla.suse.com/932483"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 934789 for CVE-2015-4000",
          "url": "https://bugzilla.suse.com/934789"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 935033 for CVE-2015-4000",
          "url": "https://bugzilla.suse.com/935033"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 935540 for CVE-2015-4000",
          "url": "https://bugzilla.suse.com/935540"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 935979 for CVE-2015-4000",
          "url": "https://bugzilla.suse.com/935979"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 937202 for CVE-2015-4000",
          "url": "https://bugzilla.suse.com/937202"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 937766 for CVE-2015-4000",
          "url": "https://bugzilla.suse.com/937766"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 938248 for CVE-2015-4000",
          "url": "https://bugzilla.suse.com/938248"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 938432 for CVE-2015-4000",
          "url": "https://bugzilla.suse.com/938432"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 938895 for CVE-2015-4000",
          "url": "https://bugzilla.suse.com/938895"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 938905 for CVE-2015-4000",
          "url": "https://bugzilla.suse.com/938905"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 938906 for CVE-2015-4000",
          "url": "https://bugzilla.suse.com/938906"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 938913 for CVE-2015-4000",
          "url": "https://bugzilla.suse.com/938913"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 938945 for CVE-2015-4000",
          "url": "https://bugzilla.suse.com/938945"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 943664 for CVE-2015-4000",
          "url": "https://bugzilla.suse.com/943664"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 944729 for CVE-2015-4000",
          "url": "https://bugzilla.suse.com/944729"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 945582 for CVE-2015-4000",
          "url": "https://bugzilla.suse.com/945582"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 955589 for CVE-2015-4000",
          "url": "https://bugzilla.suse.com/955589"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 980406 for CVE-2015-4000",
          "url": "https://bugzilla.suse.com/980406"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 990592 for CVE-2015-4000",
          "url": "https://bugzilla.suse.com/990592"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 994144 for CVE-2015-4000",
          "url": "https://bugzilla.suse.com/994144"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-4000"
    },
    {
      "cve": "CVE-2015-4473",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-4473"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-4473",
          "url": "https://www.suse.com/security/cve/CVE-2015-4473"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 940806 for CVE-2015-4473",
          "url": "https://bugzilla.suse.com/940806"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-4473"
    },
    {
      "cve": "CVE-2015-4475",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-4475"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The mozilla::AudioSink function in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 mishandles inconsistent sample formats within MP3 audio data, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via a malformed file.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-4475",
          "url": "https://www.suse.com/security/cve/CVE-2015-4475"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 940806 for CVE-2015-4475",
          "url": "https://bugzilla.suse.com/940806"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-4475"
    },
    {
      "cve": "CVE-2015-4476",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-4476"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 41.0 on Android allows user-assisted remote attackers to spoof address-bar attributes by leveraging lack of navigation after a paste of a URL with a nonstandard scheme, as demonstrated by spoofing an SSL attribute.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-4476",
          "url": "https://www.suse.com/security/cve/CVE-2015-4476"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 947003 for CVE-2015-4476",
          "url": "https://bugzilla.suse.com/947003"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-4476"
    },
    {
      "cve": "CVE-2015-4477",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-4477"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the MediaStream playback feature in Mozilla Firefox before 40.0 allows remote attackers to execute arbitrary code via unspecified use of the Web Audio API.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-4477",
          "url": "https://www.suse.com/security/cve/CVE-2015-4477"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 940806 for CVE-2015-4477",
          "url": "https://bugzilla.suse.com/940806"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-4477"
    },
    {
      "cve": "CVE-2015-4478",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-4478"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 do not impose certain ECMAScript 6 requirements on JavaScript object properties, which allows remote attackers to bypass the Same Origin Policy via the reviver parameter to the JSON.parse method.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-4478",
          "url": "https://www.suse.com/security/cve/CVE-2015-4478"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 940806 for CVE-2015-4478",
          "url": "https://bugzilla.suse.com/940806"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-4478"
    },
    {
      "cve": "CVE-2015-4479",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-4479"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple integer overflows in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allow remote attackers to execute arbitrary code via a crafted saio chunk in MPEG-4 video data.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-4479",
          "url": "https://www.suse.com/security/cve/CVE-2015-4479"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 940806 for CVE-2015-4479",
          "url": "https://bugzilla.suse.com/940806"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-4479"
    },
    {
      "cve": "CVE-2015-4481",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-4481"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Race condition in the Mozilla Maintenance Service in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Windows allows local users to write to arbitrary files and consequently gain privileges via vectors involving a hard link to a log file during an update.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-4481",
          "url": "https://www.suse.com/security/cve/CVE-2015-4481"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 940806 for CVE-2015-4481",
          "url": "https://bugzilla.suse.com/940806"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2015-4481"
    },
    {
      "cve": "CVE-2015-4482",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-4482"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "mar_read.c in the Updater in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows local users to gain privileges or cause a denial of service (out-of-bounds write) via a crafted name of a Mozilla Archive (aka MAR) file.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-4482",
          "url": "https://www.suse.com/security/cve/CVE-2015-4482"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 940806 for CVE-2015-4482",
          "url": "https://bugzilla.suse.com/940806"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-4482"
    },
    {
      "cve": "CVE-2015-4483",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-4483"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 40.0 allows man-in-the-middle attackers to bypass a mixed-content protection mechanism via a feed: URL in a POST request.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-4483",
          "url": "https://www.suse.com/security/cve/CVE-2015-4483"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 940806 for CVE-2015-4483",
          "url": "https://bugzilla.suse.com/940806"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-4483"
    },
    {
      "cve": "CVE-2015-4484",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-4484"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The js::jit::AssemblerX86Shared::lock_addl function in the JavaScript implementation in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to cause a denial of service (application crash) by leveraging the use of shared memory and accessing (1) an Atomics object or (2) a SharedArrayBuffer object.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-4484",
          "url": "https://www.suse.com/security/cve/CVE-2015-4484"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 940806 for CVE-2015-4484",
          "url": "https://bugzilla.suse.com/940806"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-4484"
    },
    {
      "cve": "CVE-2015-4485",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-4485"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap-based buffer overflow in the resize_context_buffers function in libvpx in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via malformed WebM video data.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-4485",
          "url": "https://www.suse.com/security/cve/CVE-2015-4485"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 940806 for CVE-2015-4485",
          "url": "https://bugzilla.suse.com/940806"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-4485"
    },
    {
      "cve": "CVE-2015-4487",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-4487"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The nsTSubstring::ReplacePrep function in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, related to an \"overflow.\"",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-4487",
          "url": "https://www.suse.com/security/cve/CVE-2015-4487"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 940806 for CVE-2015-4487",
          "url": "https://bugzilla.suse.com/940806"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-4487"
    },
    {
      "cve": "CVE-2015-4490",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-4490"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The nsCSPHostSrc::permits function in dom/security/nsCSPUtils.cpp in Mozilla Firefox before 40.0 does not implement the Content Security Policy Level 2 exceptions for the blob, data, and filesystem URL schemes during wildcard source-expression matching, which might make it easier for remote attackers to conduct cross-site scripting (XSS) attacks by leveraging unexpected policy-enforcement behavior.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-4490",
          "url": "https://www.suse.com/security/cve/CVE-2015-4490"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 940806 for CVE-2015-4490",
          "url": "https://bugzilla.suse.com/940806"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-4490"
    },
    {
      "cve": "CVE-2015-4491",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-4491"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Integer overflow in the make_filter_table function in pixops/pixops.c in gdk-pixbuf before 2.31.5, as used in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Linux, Google Chrome on Linux, and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via crafted bitmap dimensions that are mishandled during scaling.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-4491",
          "url": "https://www.suse.com/security/cve/CVE-2015-4491"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 940806 for CVE-2015-4491",
          "url": "https://bugzilla.suse.com/940806"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 942801 for CVE-2015-4491",
          "url": "https://bugzilla.suse.com/942801"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 948790 for CVE-2015-4491",
          "url": "https://bugzilla.suse.com/948790"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-4491"
    },
    {
      "cve": "CVE-2015-4492",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-4492"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the XMLHttpRequest::Open implementation in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 might allow remote attackers to execute arbitrary code via a SharedWorker object that makes recursive calls to the open method of an XMLHttpRequest object.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-4492",
          "url": "https://www.suse.com/security/cve/CVE-2015-4492"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 940806 for CVE-2015-4492",
          "url": "https://bugzilla.suse.com/940806"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-4492"
    },
    {
      "cve": "CVE-2015-4495",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-4495"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x before 38.1.1, and Firefox OS before 2.2 allows remote attackers to bypass the Same Origin Policy, and read arbitrary files or gain privileges, via vectors involving crafted JavaScript code and a native setter, as exploited in the wild in August 2015.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-4495",
          "url": "https://www.suse.com/security/cve/CVE-2015-4495"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 940806 for CVE-2015-4495",
          "url": "https://bugzilla.suse.com/940806"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 940918 for CVE-2015-4495",
          "url": "https://bugzilla.suse.com/940918"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2015-4495"
    },
    {
      "cve": "CVE-2015-4497",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-4497"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the CanvasRenderingContext2D implementation in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to execute arbitrary code by leveraging improper interaction between resize events and changes to Cascading Style Sheets (CSS) token sequences for a CANVAS element.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-4497",
          "url": "https://www.suse.com/security/cve/CVE-2015-4497"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 943550 for CVE-2015-4497",
          "url": "https://bugzilla.suse.com/943550"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 943557 for CVE-2015-4497",
          "url": "https://bugzilla.suse.com/943557"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 943608 for CVE-2015-4497",
          "url": "https://bugzilla.suse.com/943608"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2015-4497"
    },
    {
      "cve": "CVE-2015-4498",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-4498"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The add-on installation feature in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to bypass an intended user-confirmation requirement by constructing a crafted data: URL and triggering navigation to an arbitrary http: or https: URL at a certain early point in the installation process.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-4498",
          "url": "https://www.suse.com/security/cve/CVE-2015-4498"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 943550 for CVE-2015-4498",
          "url": "https://bugzilla.suse.com/943550"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 943558 for CVE-2015-4498",
          "url": "https://bugzilla.suse.com/943558"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 943608 for CVE-2015-4498",
          "url": "https://bugzilla.suse.com/943608"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-4498"
    },
    {
      "cve": "CVE-2015-4500",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-4500"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-4500",
          "url": "https://www.suse.com/security/cve/CVE-2015-4500"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 947003 for CVE-2015-4500",
          "url": "https://bugzilla.suse.com/947003"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-4500"
    },
    {
      "cve": "CVE-2015-4502",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-4502"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "js/src/proxy/Proxy.cpp in Mozilla Firefox before 41.0 mishandles certain receiver arguments, which allows remote attackers to bypass intended window access restrictions via a crafted web site.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-4502",
          "url": "https://www.suse.com/security/cve/CVE-2015-4502"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 947003 for CVE-2015-4502",
          "url": "https://bugzilla.suse.com/947003"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-4502"
    },
    {
      "cve": "CVE-2015-4503",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-4503"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The TCP Socket API implementation in Mozilla Firefox before 41.0 mishandles array boundaries that were established with a navigator.mozTCPSocket.open method call and send method calls, which allows remote TCP servers to obtain sensitive information from process memory by reading packet data, as demonstrated by availability of this API in a Firefox OS application.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-4503",
          "url": "https://www.suse.com/security/cve/CVE-2015-4503"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 947003 for CVE-2015-4503",
          "url": "https://bugzilla.suse.com/947003"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-4503"
    },
    {
      "cve": "CVE-2015-4504",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-4504"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The lut_inverse_interp16 function in the QCMS library in Mozilla Firefox before 41.0 allows remote attackers to obtain sensitive information or cause a denial of service (buffer over-read and application crash) via crafted attributes in the ICC 4 profile of an image.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-4504",
          "url": "https://www.suse.com/security/cve/CVE-2015-4504"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 947003 for CVE-2015-4504",
          "url": "https://bugzilla.suse.com/947003"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-4504"
    },
    {
      "cve": "CVE-2015-4505",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-4505"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "updater.exe in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 on Windows allows local users to write to arbitrary files by conducting a junction attack and waiting for an update operation by the Mozilla Maintenance Service.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-4505",
          "url": "https://www.suse.com/security/cve/CVE-2015-4505"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 947003 for CVE-2015-4505",
          "url": "https://bugzilla.suse.com/947003"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-4505"
    },
    {
      "cve": "CVE-2015-4506",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-4506"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Buffer overflow in the vp9_init_context_buffers function in libvpx, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3, allows remote attackers to execute arbitrary code via a crafted VP9 file.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-4506",
          "url": "https://www.suse.com/security/cve/CVE-2015-4506"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 947003 for CVE-2015-4506",
          "url": "https://bugzilla.suse.com/947003"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-4506"
    },
    {
      "cve": "CVE-2015-4507",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-4507"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The SavedStacks class in the JavaScript implementation in Mozilla Firefox before 41.0, when the Debugger API is enabled, allows remote attackers to cause a denial of service (getSlotRef assertion failure and application exit) or possibly execute arbitrary code via a crafted web site.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-4507",
          "url": "https://www.suse.com/security/cve/CVE-2015-4507"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 947003 for CVE-2015-4507",
          "url": "https://bugzilla.suse.com/947003"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-4507"
    },
    {
      "cve": "CVE-2015-4508",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-4508"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 41.0, when reader mode is enabled, allows remote attackers to spoof the relationship between address-bar URLs and web content via a crafted web site.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-4508",
          "url": "https://www.suse.com/security/cve/CVE-2015-4508"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 947003 for CVE-2015-4508",
          "url": "https://bugzilla.suse.com/947003"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-4508"
    },
    {
      "cve": "CVE-2015-4509",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-4509"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the HTMLVideoElement interface in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allows remote attackers to execute arbitrary code via crafted JavaScript code that modifies the URI table of a media element, aka ZDI-CAN-3176.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-4509",
          "url": "https://www.suse.com/security/cve/CVE-2015-4509"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 947003 for CVE-2015-4509",
          "url": "https://bugzilla.suse.com/947003"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-4509"
    },
    {
      "cve": "CVE-2015-4510",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-4510"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Race condition in the WorkerPrivate::NotifyFeatures function in Mozilla Firefox before 41.0 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and application crash) by leveraging improper interaction between shared workers and the IndexedDB implementation.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-4510",
          "url": "https://www.suse.com/security/cve/CVE-2015-4510"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 947003 for CVE-2015-4510",
          "url": "https://bugzilla.suse.com/947003"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-4510"
    },
    {
      "cve": "CVE-2015-4511",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-4511"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap-based buffer overflow in the nestegg_track_codec_data function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allows remote attackers to execute arbitrary code via a crafted header in a WebM video.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-4511",
          "url": "https://www.suse.com/security/cve/CVE-2015-4511"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 947003 for CVE-2015-4511",
          "url": "https://bugzilla.suse.com/947003"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-4511"
    },
    {
      "cve": "CVE-2015-4512",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-4512"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "gfx/2d/DataSurfaceHelpers.cpp in Mozilla Firefox before 41.0 on Linux improperly attempts to use the Cairo library with 32-bit color-depth surface creation followed by 16-bit color-depth surface display, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) by using a CANVAS element to trigger 2D rendering.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-4512",
          "url": "https://www.suse.com/security/cve/CVE-2015-4512"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 947003 for CVE-2015-4512",
          "url": "https://bugzilla.suse.com/947003"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-4512"
    },
    {
      "cve": "CVE-2015-4513",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-4513"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-4513",
          "url": "https://www.suse.com/security/cve/CVE-2015-4513"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 952810 for CVE-2015-4513",
          "url": "https://bugzilla.suse.com/952810"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2015-4513"
    },
    {
      "cve": "CVE-2015-4515",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-4515"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 42.0, when NTLM v1 is enabled for HTTP authentication, allows remote attackers to obtain sensitive hostname information by constructing a crafted web site that sends an NTLM request and reads the Workstation field of an NTLM type 3 message.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-4515",
          "url": "https://www.suse.com/security/cve/CVE-2015-4515"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 952810 for CVE-2015-4515",
          "url": "https://bugzilla.suse.com/952810"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2015-4515"
    },
    {
      "cve": "CVE-2015-4516",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-4516"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 41.0 allows remote attackers to bypass certain ECMAScript 5 (aka ES5) API protection mechanisms and modify immutable properties, and consequently execute arbitrary JavaScript code with chrome privileges, via a crafted web page that does not use ES5 APIs.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-4516",
          "url": "https://www.suse.com/security/cve/CVE-2015-4516"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 947003 for CVE-2015-4516",
          "url": "https://bugzilla.suse.com/947003"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2015-4516"
    },
    {
      "cve": "CVE-2015-4517",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-4517"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "NetworkUtils.cpp in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-4517",
          "url": "https://www.suse.com/security/cve/CVE-2015-4517"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 947003 for CVE-2015-4517",
          "url": "https://bugzilla.suse.com/947003"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-4517"
    },
    {
      "cve": "CVE-2015-4518",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-4518"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Reader View implementation in Mozilla Firefox before 42.0 has an improper whitelist, which makes it easier for remote attackers to bypass the Content Security Policy (CSP) protection mechanism and conduct cross-site scripting (XSS) attacks via vectors involving SVG animations and the about:reader URL.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-4518",
          "url": "https://www.suse.com/security/cve/CVE-2015-4518"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 952810 for CVE-2015-4518",
          "url": "https://bugzilla.suse.com/952810"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2015-4518"
    },
    {
      "cve": "CVE-2015-4519",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-4519"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow user-assisted remote attackers to bypass intended access restrictions and discover a redirect\u0027s target URL via crafted JavaScript code that executes after a drag-and-drop action of an image into a TEXTBOX element.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-4519",
          "url": "https://www.suse.com/security/cve/CVE-2015-4519"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 947003 for CVE-2015-4519",
          "url": "https://bugzilla.suse.com/947003"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-4519"
    },
    {
      "cve": "CVE-2015-4520",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-4520"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow remote attackers to bypass CORS preflight protection mechanisms by leveraging (1) duplicate cache-key generation or (2) retrieval of a value from an incorrect HTTP Access-Control-* response header.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-4520",
          "url": "https://www.suse.com/security/cve/CVE-2015-4520"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 947003 for CVE-2015-4520",
          "url": "https://bugzilla.suse.com/947003"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-4520"
    },
    {
      "cve": "CVE-2015-7174",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7174"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The nsAttrAndChildArray::GrowBy function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors, related to an \"overflow.\"",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7174",
          "url": "https://www.suse.com/security/cve/CVE-2015-7174"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 947003 for CVE-2015-7174",
          "url": "https://bugzilla.suse.com/947003"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-7174"
    },
    {
      "cve": "CVE-2015-7178",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7178"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The ProgramBinary::linkAttributes function in libGLES in ANGLE, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 on Windows, mishandles shader access, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted (1) OpenGL or (2) WebGL content.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7178",
          "url": "https://www.suse.com/security/cve/CVE-2015-7178"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 947003 for CVE-2015-7178",
          "url": "https://bugzilla.suse.com/947003"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-7178"
    },
    {
      "cve": "CVE-2015-7180",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7180"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The ReadbackResultWriterD3D11::Run function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 misinterprets the return value of a function call, which might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7180",
          "url": "https://www.suse.com/security/cve/CVE-2015-7180"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 947003 for CVE-2015-7180",
          "url": "https://bugzilla.suse.com/947003"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-7180"
    },
    {
      "cve": "CVE-2015-7181",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7181"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The sec_asn1d_parse_leaf function in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, improperly restricts access to an unspecified data structure, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted OCTET STRING data, related to a \"use-after-poison\" issue.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7181",
          "url": "https://www.suse.com/security/cve/CVE-2015-7181"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 952810 for CVE-2015-7181",
          "url": "https://bugzilla.suse.com/952810"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 962977 for CVE-2015-7181",
          "url": "https://bugzilla.suse.com/962977"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2015-7181"
    },
    {
      "cve": "CVE-2015-7184",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7184"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The fetch API implementation in Mozilla Firefox before 41.0.2 does not restrict access to the HTTP response body in certain situations where user credentials are supplied but the CORS cross-origin request algorithm is improperly followed, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7184",
          "url": "https://www.suse.com/security/cve/CVE-2015-7184"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 950686 for CVE-2015-7184",
          "url": "https://bugzilla.suse.com/950686"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-7184"
    },
    {
      "cve": "CVE-2015-7185",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7185"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 42.0 on Android does not ensure that the address bar is restored upon fullscreen-mode exit, which allows remote attackers to spoof the address bar via crafted JavaScript code.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7185",
          "url": "https://www.suse.com/security/cve/CVE-2015-7185"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 952810 for CVE-2015-7185",
          "url": "https://bugzilla.suse.com/952810"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-7185"
    },
    {
      "cve": "CVE-2015-7186",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7186"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 42.0 on Android allows user-assisted remote attackers to bypass the Same Origin Policy and trigger (1) a download or (2) cached profile-data reading via a file: URL in a saved HTML document.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7186",
          "url": "https://www.suse.com/security/cve/CVE-2015-7186"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 952810 for CVE-2015-7186",
          "url": "https://bugzilla.suse.com/952810"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-7186"
    },
    {
      "cve": "CVE-2015-7187",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7187"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Add-on SDK in Mozilla Firefox before 42.0 misinterprets a \"script: false\" panel setting, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via inline JavaScript code that is executed within a third-party extension.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7187",
          "url": "https://www.suse.com/security/cve/CVE-2015-7187"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 952810 for CVE-2015-7187",
          "url": "https://bugzilla.suse.com/952810"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2015-7187"
    },
    {
      "cve": "CVE-2015-7188",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7188"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allow remote attackers to bypass the Same Origin Policy for an IP address origin, and conduct cross-site scripting (XSS) attacks, by appending whitespace characters to an IP address string.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7188",
          "url": "https://www.suse.com/security/cve/CVE-2015-7188"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 952810 for CVE-2015-7188",
          "url": "https://bugzilla.suse.com/952810"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2015-7188"
    },
    {
      "cve": "CVE-2015-7189",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7189"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Race condition in the JPEGEncoder function in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via vectors involving a CANVAS element and crafted JavaScript code.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7189",
          "url": "https://www.suse.com/security/cve/CVE-2015-7189"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 952810 for CVE-2015-7189",
          "url": "https://bugzilla.suse.com/952810"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2015-7189"
    },
    {
      "cve": "CVE-2015-7190",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7190"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Search feature in Mozilla Firefox before 42.0 on Android through 4.4 supports search-engine URL registration through an intent and can access this URL in a privileged context in conjunction with the crash reporter, which allows attackers to read log files and visit file: URLs of HTML documents via a crafted application.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7190",
          "url": "https://www.suse.com/security/cve/CVE-2015-7190"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 952810 for CVE-2015-7190",
          "url": "https://bugzilla.suse.com/952810"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-7190"
    },
    {
      "cve": "CVE-2015-7191",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7191"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 42.0 on Android improperly restricts URL strings in intents, which allows attackers to conduct cross-site scripting (XSS) attacks via vectors involving an intent: URL and fallback navigation, aka \"Universal XSS (UXSS).\"",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7191",
          "url": "https://www.suse.com/security/cve/CVE-2015-7191"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 952810 for CVE-2015-7191",
          "url": "https://bugzilla.suse.com/952810"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-7191"
    },
    {
      "cve": "CVE-2015-7192",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7192"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The accessibility-tools feature in Mozilla Firefox before 42.0 on OS X improperly interacts with the implementation of the TABLE element, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code by using an NSAccessibilityIndexAttribute value to reference a row index.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7192",
          "url": "https://www.suse.com/security/cve/CVE-2015-7192"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 952810 for CVE-2015-7192",
          "url": "https://bugzilla.suse.com/952810"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2015-7192"
    },
    {
      "cve": "CVE-2015-7193",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7193"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 improperly follow the CORS cross-origin request algorithm for the POST method in situations involving an unspecified Content-Type header manipulation, which allows remote attackers to bypass the Same Origin Policy by leveraging the lack of a preflight-request step.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7193",
          "url": "https://www.suse.com/security/cve/CVE-2015-7193"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 952810 for CVE-2015-7193",
          "url": "https://bugzilla.suse.com/952810"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2015-7193"
    },
    {
      "cve": "CVE-2015-7194",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7194"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Buffer underflow in libjar in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ZIP archive.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7194",
          "url": "https://www.suse.com/security/cve/CVE-2015-7194"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 952810 for CVE-2015-7194",
          "url": "https://bugzilla.suse.com/952810"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2015-7194"
    },
    {
      "cve": "CVE-2015-7195",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7195"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The URL parsing implementation in Mozilla Firefox before 42.0 improperly recognizes escaped characters in hostnames within Location headers, which allows remote attackers to obtain sensitive information via vectors involving a redirect.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7195",
          "url": "https://www.suse.com/security/cve/CVE-2015-7195"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 952810 for CVE-2015-7195",
          "url": "https://bugzilla.suse.com/952810"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2015-7195"
    },
    {
      "cve": "CVE-2015-7196",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7196"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4, when a Java plugin is enabled, allow remote attackers to cause a denial of service (incorrect garbage collection and application crash) or possibly execute arbitrary code via a crafted Java applet that deallocates an in-use JavaScript wrapper.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7196",
          "url": "https://www.suse.com/security/cve/CVE-2015-7196"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 952810 for CVE-2015-7196",
          "url": "https://bugzilla.suse.com/952810"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2015-7196"
    },
    {
      "cve": "CVE-2015-7197",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7197"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 improperly control the ability of a web worker to create a WebSocket object, which allows remote attackers to bypass intended mixed-content restrictions via crafted JavaScript code.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7197",
          "url": "https://www.suse.com/security/cve/CVE-2015-7197"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 952810 for CVE-2015-7197",
          "url": "https://bugzilla.suse.com/952810"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2015-7197"
    },
    {
      "cve": "CVE-2015-7198",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7198"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Buffer overflow in the rx::TextureStorage11 class in ANGLE, as used in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted texture data.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7198",
          "url": "https://www.suse.com/security/cve/CVE-2015-7198"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 952810 for CVE-2015-7198",
          "url": "https://bugzilla.suse.com/952810"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2015-7198"
    },
    {
      "cve": "CVE-2015-7201",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7201"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7201",
          "url": "https://www.suse.com/security/cve/CVE-2015-7201"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959277 for CVE-2015-7201",
          "url": "https://bugzilla.suse.com/959277"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2015-7201"
    },
    {
      "cve": "CVE-2015-7203",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7203"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Buffer overflow in the DirectWriteFontInfo::LoadFontFamilyData function in gfx/thebes/gfxDWriteFontList.cpp in Mozilla Firefox before 43.0 might allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted font-family name.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7203",
          "url": "https://www.suse.com/security/cve/CVE-2015-7203"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959277 for CVE-2015-7203",
          "url": "https://bugzilla.suse.com/959277"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-7203"
    },
    {
      "cve": "CVE-2015-7204",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7204"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 43.0 does not properly store the properties of unboxed objects, which allows remote attackers to execute arbitrary code via crafted JavaScript variable assignments.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7204",
          "url": "https://www.suse.com/security/cve/CVE-2015-7204"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959277 for CVE-2015-7204",
          "url": "https://bugzilla.suse.com/959277"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-7204"
    },
    {
      "cve": "CVE-2015-7205",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7205"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Integer underflow in the RTPReceiverVideo::ParseRtpPacket function in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 might allow remote attackers to obtain sensitive information, cause a denial of service, or possibly have unspecified other impact by triggering a crafted WebRTC RTP packet.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7205",
          "url": "https://www.suse.com/security/cve/CVE-2015-7205"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959277 for CVE-2015-7205",
          "url": "https://bugzilla.suse.com/959277"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2015-7205"
    },
    {
      "cve": "CVE-2015-7207",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7207"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 43.0 does not properly restrict the availability of IFRAME Resource Timing API times, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via crafted JavaScript code that leverages history.back and performance.getEntries calls, a related issue to CVE-2015-1300.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7207",
          "url": "https://www.suse.com/security/cve/CVE-2015-7207"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959277 for CVE-2015-7207",
          "url": "https://bugzilla.suse.com/959277"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-7207"
    },
    {
      "cve": "CVE-2015-7208",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7208"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 43.0 stores cookies containing vertical tab characters, which allows remote attackers to obtain sensitive information by reading HTTP Cookie headers.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7208",
          "url": "https://www.suse.com/security/cve/CVE-2015-7208"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959277 for CVE-2015-7208",
          "url": "https://bugzilla.suse.com/959277"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 963637 for CVE-2015-7208",
          "url": "https://bugzilla.suse.com/963637"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-7208"
    },
    {
      "cve": "CVE-2015-7210",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7210"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code by triggering attempted use of a data channel that has been closed by a WebRTC function.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7210",
          "url": "https://www.suse.com/security/cve/CVE-2015-7210"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959277 for CVE-2015-7210",
          "url": "https://bugzilla.suse.com/959277"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-7210"
    },
    {
      "cve": "CVE-2015-7211",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7211"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 43.0 mishandles the # (number sign) character in a data: URI, which allows remote attackers to spoof web sites via unspecified vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7211",
          "url": "https://www.suse.com/security/cve/CVE-2015-7211"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959277 for CVE-2015-7211",
          "url": "https://bugzilla.suse.com/959277"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-7211"
    },
    {
      "cve": "CVE-2015-7212",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7212"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Integer overflow in the mozilla::layers::BufferTextureClient::AllocateForSurface function in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code by triggering a graphics operation that requires a large texture allocation.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7212",
          "url": "https://www.suse.com/security/cve/CVE-2015-7212"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959277 for CVE-2015-7212",
          "url": "https://bugzilla.suse.com/959277"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-7212"
    },
    {
      "cve": "CVE-2015-7213",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7213"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Integer overflow in the MPEG4Extractor::readMetaData function in MPEG4Extractor.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 on 64-bit platforms allows remote attackers to execute arbitrary code via a crafted MP4 video file that triggers a buffer overflow.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7213",
          "url": "https://www.suse.com/security/cve/CVE-2015-7213"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959277 for CVE-2015-7213",
          "url": "https://bugzilla.suse.com/959277"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-7213"
    },
    {
      "cve": "CVE-2015-7214",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7214"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allow remote attackers to bypass the Same Origin Policy via data: and view-source: URIs.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7214",
          "url": "https://www.suse.com/security/cve/CVE-2015-7214"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959277 for CVE-2015-7214",
          "url": "https://bugzilla.suse.com/959277"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-7214"
    },
    {
      "cve": "CVE-2015-7215",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7215"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The importScripts function in the Web Workers API implementation in Mozilla Firefox before 43.0 allows remote attackers to bypass the Same Origin Policy by triggering use of the no-cors mode in the fetch API to attempt resource access that throws an exception, leading to information disclosure after a rethrow.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7215",
          "url": "https://www.suse.com/security/cve/CVE-2015-7215"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959277 for CVE-2015-7215",
          "url": "https://bugzilla.suse.com/959277"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-7215"
    },
    {
      "cve": "CVE-2015-7216",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7216"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The gdk-pixbuf configuration in Mozilla Firefox before 43.0 on Linux GNOME platforms incorrectly enables the JasPer decoder, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted JPEG 2000 image.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7216",
          "url": "https://www.suse.com/security/cve/CVE-2015-7216"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959277 for CVE-2015-7216",
          "url": "https://bugzilla.suse.com/959277"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-7216"
    },
    {
      "cve": "CVE-2015-7218",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7218"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The HTTP/2 implementation in Mozilla Firefox before 43.0 allows remote attackers to cause a denial of service (integer underflow, assertion failure, and application exit) via a single-byte header frame that triggers incorrect memory allocation.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7218",
          "url": "https://www.suse.com/security/cve/CVE-2015-7218"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959277 for CVE-2015-7218",
          "url": "https://bugzilla.suse.com/959277"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-7218"
    },
    {
      "cve": "CVE-2015-7222",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7222"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Integer underflow in the Metadata::setData function in MetaData.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code or cause a denial of service (incorrect memory allocation and application crash) via an MP4 video file with crafted covr metadata that triggers a buffer overflow.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7222",
          "url": "https://www.suse.com/security/cve/CVE-2015-7222"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959277 for CVE-2015-7222",
          "url": "https://bugzilla.suse.com/959277"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-7222"
    },
    {
      "cve": "CVE-2015-7223",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7223"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The WebExtension APIs in Mozilla Firefox before 43.0 allow remote attackers to gain privileges, and possibly obtain sensitive information or conduct cross-site scripting (XSS) attacks, via a crafted web site.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7223",
          "url": "https://www.suse.com/security/cve/CVE-2015-7223"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959277 for CVE-2015-7223",
          "url": "https://bugzilla.suse.com/959277"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-7223"
    },
    {
      "cve": "CVE-2015-7575",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7575"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox ESR 38.x before 38.5.2, does not reject MD5 signatures in Server Key Exchange messages in TLS 1.2 Handshake Protocol traffic, which makes it easier for man-in-the-middle attackers to spoof servers by triggering a collision.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7575",
          "url": "https://www.suse.com/security/cve/CVE-2015-7575"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959888 for CVE-2015-7575",
          "url": "https://bugzilla.suse.com/959888"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 960402 for CVE-2015-7575",
          "url": "https://bugzilla.suse.com/960402"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 960996 for CVE-2015-7575",
          "url": "https://bugzilla.suse.com/960996"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 961280 for CVE-2015-7575",
          "url": "https://bugzilla.suse.com/961280"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 961281 for CVE-2015-7575",
          "url": "https://bugzilla.suse.com/961281"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 961282 for CVE-2015-7575",
          "url": "https://bugzilla.suse.com/961282"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 961283 for CVE-2015-7575",
          "url": "https://bugzilla.suse.com/961283"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 961284 for CVE-2015-7575",
          "url": "https://bugzilla.suse.com/961284"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 961290 for CVE-2015-7575",
          "url": "https://bugzilla.suse.com/961290"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 961357 for CVE-2015-7575",
          "url": "https://bugzilla.suse.com/961357"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 962743 for CVE-2015-7575",
          "url": "https://bugzilla.suse.com/962743"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 963937 for CVE-2015-7575",
          "url": "https://bugzilla.suse.com/963937"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 967521 for CVE-2015-7575",
          "url": "https://bugzilla.suse.com/967521"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 981087 for CVE-2015-7575",
          "url": "https://bugzilla.suse.com/981087"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-7575"
    },
    {
      "cve": "CVE-2016-0718",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-0718"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-0718",
          "url": "https://www.suse.com/security/cve/CVE-2016-0718"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 979441 for CVE-2016-0718",
          "url": "https://bugzilla.suse.com/979441"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 991809 for CVE-2016-0718",
          "url": "https://bugzilla.suse.com/991809"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-0718"
    },
    {
      "cve": "CVE-2016-1930",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-1930"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-1930",
          "url": "https://www.suse.com/security/cve/CVE-2016-1930"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 963520 for CVE-2016-1930",
          "url": "https://bugzilla.suse.com/963520"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 963632 for CVE-2016-1930",
          "url": "https://bugzilla.suse.com/963632"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2016-1930"
    },
    {
      "cve": "CVE-2016-1933",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-1933"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Integer overflow in the image-deinterlacing functionality in Mozilla Firefox before 44.0 allows remote attackers to cause a denial of service (memory consumption or application crash) via a crafted GIF image.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-1933",
          "url": "https://www.suse.com/security/cve/CVE-2016-1933"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 963634 for CVE-2016-1933",
          "url": "https://bugzilla.suse.com/963634"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-1933"
    },
    {
      "cve": "CVE-2016-1935",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-1935"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Buffer overflow in the BufferSubData function in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allows remote attackers to execute arbitrary code via crafted WebGL content.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-1935",
          "url": "https://www.suse.com/security/cve/CVE-2016-1935"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 963520 for CVE-2016-1935",
          "url": "https://bugzilla.suse.com/963520"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 963635 for CVE-2016-1935",
          "url": "https://bugzilla.suse.com/963635"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-1935"
    },
    {
      "cve": "CVE-2016-1937",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-1937"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The protocol-handler dialog in Mozilla Firefox before 44.0 allows remote attackers to conduct clickjacking attacks via a crafted web site that triggers a single-click action in a situation where a double-click action was intended.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-1937",
          "url": "https://www.suse.com/security/cve/CVE-2016-1937"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 963641 for CVE-2016-1937",
          "url": "https://bugzilla.suse.com/963641"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 977736 for CVE-2016-1937",
          "url": "https://bugzilla.suse.com/977736"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-1937"
    },
    {
      "cve": "CVE-2016-1938",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-1938"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The s_mp_div function in lib/freebl/mpi/mpi.c in Mozilla Network Security Services (NSS) before 3.21, as used in Mozilla Firefox before 44.0, improperly divides numbers, which might make it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging use of the (1) mp_div or (2) mp_exptmod function.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-1938",
          "url": "https://www.suse.com/security/cve/CVE-2016-1938"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 963731 for CVE-2016-1938",
          "url": "https://bugzilla.suse.com/963731"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-1938"
    },
    {
      "cve": "CVE-2016-1942",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-1942"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 44.0 allows user-assisted remote attackers to spoof a trailing substring in the address bar by leveraging a user\u0027s paste of a (1) wyciwyg: URI or (2) resource: URI.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-1942",
          "url": "https://www.suse.com/security/cve/CVE-2016-1942"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 963643 for CVE-2016-1942",
          "url": "https://bugzilla.suse.com/963643"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-1942"
    },
    {
      "cve": "CVE-2016-1944",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-1944"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Buffer11::NativeBuffer11::map function in ANGLE, as used in Mozilla Firefox before 44.0, might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-1944",
          "url": "https://www.suse.com/security/cve/CVE-2016-1944"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 963644 for CVE-2016-1944",
          "url": "https://bugzilla.suse.com/963644"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2016-1944"
    },
    {
      "cve": "CVE-2016-1947",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-1947"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox 43.x mishandles attempts to connect to the Application Reputation service, which makes it easier for remote attackers to trigger an unintended download by leveraging the absence of reputation data.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-1947",
          "url": "https://www.suse.com/security/cve/CVE-2016-1947"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 963645 for CVE-2016-1947",
          "url": "https://bugzilla.suse.com/963645"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-1947"
    },
    {
      "cve": "CVE-2016-1949",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-1949"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 44.0.2 does not properly restrict the interaction between Service Workers and plugins, which allows remote attackers to bypass the Same Origin Policy via a crafted web site that triggers spoofed responses to requests that use NPAPI, as demonstrated by a request for a crossdomain.xml file.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-1949",
          "url": "https://www.suse.com/security/cve/CVE-2016-1949"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 966438 for CVE-2016-1949",
          "url": "https://bugzilla.suse.com/966438"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 967087 for CVE-2016-1949",
          "url": "https://bugzilla.suse.com/967087"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-1949"
    },
    {
      "cve": "CVE-2016-1950",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-1950"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap-based buffer overflow in Mozilla Network Security Services (NSS) before 3.19.2.3 and 3.20.x and 3.21.x before 3.21.1, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code via crafted ASN.1 data in an X.509 certificate.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-1950",
          "url": "https://www.suse.com/security/cve/CVE-2016-1950"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969894 for CVE-2016-1950",
          "url": "https://bugzilla.suse.com/969894"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970257 for CVE-2016-1950",
          "url": "https://bugzilla.suse.com/970257"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970377 for CVE-2016-1950",
          "url": "https://bugzilla.suse.com/970377"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970378 for CVE-2016-1950",
          "url": "https://bugzilla.suse.com/970378"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970379 for CVE-2016-1950",
          "url": "https://bugzilla.suse.com/970379"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970380 for CVE-2016-1950",
          "url": "https://bugzilla.suse.com/970380"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970381 for CVE-2016-1950",
          "url": "https://bugzilla.suse.com/970381"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970431 for CVE-2016-1950",
          "url": "https://bugzilla.suse.com/970431"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970433 for CVE-2016-1950",
          "url": "https://bugzilla.suse.com/970433"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-1950"
    },
    {
      "cve": "CVE-2016-1952",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-1952"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-1952",
          "url": "https://www.suse.com/security/cve/CVE-2016-1952"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969894 for CVE-2016-1952",
          "url": "https://bugzilla.suse.com/969894"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-1952"
    },
    {
      "cve": "CVE-2016-1954",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-1954"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The nsCSPContext::SendReports function in dom/security/nsCSPContext.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not prevent use of a non-HTTP report-uri for a Content Security Policy (CSP) violation report, which allows remote attackers to cause a denial of service (data overwrite) or possibly gain privileges by specifying a URL of a local file.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-1954",
          "url": "https://www.suse.com/security/cve/CVE-2016-1954"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969894 for CVE-2016-1954",
          "url": "https://bugzilla.suse.com/969894"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-1954"
    },
    {
      "cve": "CVE-2016-1955",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-1955"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 45.0 allows remote attackers to bypass the Same Origin Policy and obtain sensitive information by reading a Content Security Policy (CSP) violation report that contains path information associated with an IFRAME element.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-1955",
          "url": "https://www.suse.com/security/cve/CVE-2016-1955"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969894 for CVE-2016-1955",
          "url": "https://bugzilla.suse.com/969894"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970257 for CVE-2016-1955",
          "url": "https://bugzilla.suse.com/970257"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970377 for CVE-2016-1955",
          "url": "https://bugzilla.suse.com/970377"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970378 for CVE-2016-1955",
          "url": "https://bugzilla.suse.com/970378"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970379 for CVE-2016-1955",
          "url": "https://bugzilla.suse.com/970379"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970380 for CVE-2016-1955",
          "url": "https://bugzilla.suse.com/970380"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970381 for CVE-2016-1955",
          "url": "https://bugzilla.suse.com/970381"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970431 for CVE-2016-1955",
          "url": "https://bugzilla.suse.com/970431"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970433 for CVE-2016-1955",
          "url": "https://bugzilla.suse.com/970433"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-1955"
    },
    {
      "cve": "CVE-2016-1956",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-1956"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 45.0 on Linux, when an Intel video driver is used, allows remote attackers to cause a denial of service (memory consumption or stack memory corruption) by triggering use of a WebGL shader.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-1956",
          "url": "https://www.suse.com/security/cve/CVE-2016-1956"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969894 for CVE-2016-1956",
          "url": "https://bugzilla.suse.com/969894"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970257 for CVE-2016-1956",
          "url": "https://bugzilla.suse.com/970257"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970377 for CVE-2016-1956",
          "url": "https://bugzilla.suse.com/970377"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970378 for CVE-2016-1956",
          "url": "https://bugzilla.suse.com/970378"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970379 for CVE-2016-1956",
          "url": "https://bugzilla.suse.com/970379"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970380 for CVE-2016-1956",
          "url": "https://bugzilla.suse.com/970380"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970381 for CVE-2016-1956",
          "url": "https://bugzilla.suse.com/970381"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970431 for CVE-2016-1956",
          "url": "https://bugzilla.suse.com/970431"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970433 for CVE-2016-1956",
          "url": "https://bugzilla.suse.com/970433"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-1956"
    },
    {
      "cve": "CVE-2016-1957",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-1957"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory leak in libstagefright in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to cause a denial of service (memory consumption) via an MPEG-4 file that triggers a delete operation on an array.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-1957",
          "url": "https://www.suse.com/security/cve/CVE-2016-1957"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969894 for CVE-2016-1957",
          "url": "https://bugzilla.suse.com/969894"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-1957"
    },
    {
      "cve": "CVE-2016-1958",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-1958"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "browser/base/content/browser.js in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to spoof the address bar via a javascript: URL.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-1958",
          "url": "https://www.suse.com/security/cve/CVE-2016-1958"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969894 for CVE-2016-1958",
          "url": "https://bugzilla.suse.com/969894"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-1958"
    },
    {
      "cve": "CVE-2016-1959",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-1959"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The ServiceWorkerManager class in Mozilla Firefox before 45.0 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via unspecified use of the Clients API.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-1959",
          "url": "https://www.suse.com/security/cve/CVE-2016-1959"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969894 for CVE-2016-1959",
          "url": "https://bugzilla.suse.com/969894"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970257 for CVE-2016-1959",
          "url": "https://bugzilla.suse.com/970257"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970377 for CVE-2016-1959",
          "url": "https://bugzilla.suse.com/970377"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970378 for CVE-2016-1959",
          "url": "https://bugzilla.suse.com/970378"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970379 for CVE-2016-1959",
          "url": "https://bugzilla.suse.com/970379"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970380 for CVE-2016-1959",
          "url": "https://bugzilla.suse.com/970380"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970381 for CVE-2016-1959",
          "url": "https://bugzilla.suse.com/970381"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970431 for CVE-2016-1959",
          "url": "https://bugzilla.suse.com/970431"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970433 for CVE-2016-1959",
          "url": "https://bugzilla.suse.com/970433"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-1959"
    },
    {
      "cve": "CVE-2016-1960",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-1960"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Integer underflow in the nsHtml5TreeBuilder class in the HTML5 string parser in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) by leveraging mishandling of end tags, as demonstrated by incorrect SVG processing, aka ZDI-CAN-3545.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-1960",
          "url": "https://www.suse.com/security/cve/CVE-2016-1960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969894 for CVE-2016-1960",
          "url": "https://bugzilla.suse.com/969894"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-1960"
    },
    {
      "cve": "CVE-2016-1961",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-1961"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the nsHTMLDocument::SetBody function in dom/html/nsHTMLDocument.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code by leveraging mishandling of a root element, aka ZDI-CAN-3574.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-1961",
          "url": "https://www.suse.com/security/cve/CVE-2016-1961"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969894 for CVE-2016-1961",
          "url": "https://bugzilla.suse.com/969894"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-1961"
    },
    {
      "cve": "CVE-2016-1962",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-1962"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the mozilla::DataChannelConnection::Close function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code by leveraging mishandling of WebRTC data-channel connections.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-1962",
          "url": "https://www.suse.com/security/cve/CVE-2016-1962"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969894 for CVE-2016-1962",
          "url": "https://bugzilla.suse.com/969894"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2016-1962"
    },
    {
      "cve": "CVE-2016-1963",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-1963"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The FileReader class in Mozilla Firefox before 45.0 allows local users to gain privileges or cause a denial of service (memory corruption) by changing a file during a FileReader API read operation.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-1963",
          "url": "https://www.suse.com/security/cve/CVE-2016-1963"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969894 for CVE-2016-1963",
          "url": "https://bugzilla.suse.com/969894"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-1963"
    },
    {
      "cve": "CVE-2016-1964",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-1964"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the AtomicBaseIncDec function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging mishandling of XML transformations.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-1964",
          "url": "https://www.suse.com/security/cve/CVE-2016-1964"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969894 for CVE-2016-1964",
          "url": "https://bugzilla.suse.com/969894"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-1964"
    },
    {
      "cve": "CVE-2016-1965",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-1965"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 mishandle a navigation sequence that returns to the original page, which allows remote attackers to spoof the address bar via vectors involving the history.back method and the location.protocol property.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-1965",
          "url": "https://www.suse.com/security/cve/CVE-2016-1965"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969894 for CVE-2016-1965",
          "url": "https://bugzilla.suse.com/969894"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-1965"
    },
    {
      "cve": "CVE-2016-1966",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-1966"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The nsNPObjWrapper::GetNewOrUsed function in dom/plugins/base/nsJSNPRuntime.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service (invalid pointer dereference and memory corruption) via a crafted NPAPI plugin.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-1966",
          "url": "https://www.suse.com/security/cve/CVE-2016-1966"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969894 for CVE-2016-1966",
          "url": "https://bugzilla.suse.com/969894"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-1966"
    },
    {
      "cve": "CVE-2016-1967",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-1967"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 45.0 does not properly restrict the availability of IFRAME Resource Timing API times, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via crafted JavaScript code that leverages history.back and performance.getEntries calls after restoring a browser session. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-7207.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-1967",
          "url": "https://www.suse.com/security/cve/CVE-2016-1967"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969894 for CVE-2016-1967",
          "url": "https://bugzilla.suse.com/969894"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970257 for CVE-2016-1967",
          "url": "https://bugzilla.suse.com/970257"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970377 for CVE-2016-1967",
          "url": "https://bugzilla.suse.com/970377"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970378 for CVE-2016-1967",
          "url": "https://bugzilla.suse.com/970378"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970379 for CVE-2016-1967",
          "url": "https://bugzilla.suse.com/970379"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970380 for CVE-2016-1967",
          "url": "https://bugzilla.suse.com/970380"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970381 for CVE-2016-1967",
          "url": "https://bugzilla.suse.com/970381"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970431 for CVE-2016-1967",
          "url": "https://bugzilla.suse.com/970431"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970433 for CVE-2016-1967",
          "url": "https://bugzilla.suse.com/970433"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-1967"
    },
    {
      "cve": "CVE-2016-1968",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-1968"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Integer underflow in Brotli, as used in Mozilla Firefox before 45.0, allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via crafted data with brotli compression.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-1968",
          "url": "https://www.suse.com/security/cve/CVE-2016-1968"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969894 for CVE-2016-1968",
          "url": "https://bugzilla.suse.com/969894"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970257 for CVE-2016-1968",
          "url": "https://bugzilla.suse.com/970257"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970377 for CVE-2016-1968",
          "url": "https://bugzilla.suse.com/970377"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970378 for CVE-2016-1968",
          "url": "https://bugzilla.suse.com/970378"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970379 for CVE-2016-1968",
          "url": "https://bugzilla.suse.com/970379"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970380 for CVE-2016-1968",
          "url": "https://bugzilla.suse.com/970380"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970381 for CVE-2016-1968",
          "url": "https://bugzilla.suse.com/970381"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970431 for CVE-2016-1968",
          "url": "https://bugzilla.suse.com/970431"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970433 for CVE-2016-1968",
          "url": "https://bugzilla.suse.com/970433"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-1968"
    },
    {
      "cve": "CVE-2016-1970",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-1970"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Integer underflow in the srtp_unprotect function in the WebRTC implementation in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-1970",
          "url": "https://www.suse.com/security/cve/CVE-2016-1970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969894 for CVE-2016-1970",
          "url": "https://bugzilla.suse.com/969894"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970257 for CVE-2016-1970",
          "url": "https://bugzilla.suse.com/970257"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970377 for CVE-2016-1970",
          "url": "https://bugzilla.suse.com/970377"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970378 for CVE-2016-1970",
          "url": "https://bugzilla.suse.com/970378"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970379 for CVE-2016-1970",
          "url": "https://bugzilla.suse.com/970379"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970380 for CVE-2016-1970",
          "url": "https://bugzilla.suse.com/970380"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970381 for CVE-2016-1970",
          "url": "https://bugzilla.suse.com/970381"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970431 for CVE-2016-1970",
          "url": "https://bugzilla.suse.com/970431"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970433 for CVE-2016-1970",
          "url": "https://bugzilla.suse.com/970433"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-1970"
    },
    {
      "cve": "CVE-2016-1973",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-1973"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Race condition in the GetStaticInstance function in the WebRTC implementation in Mozilla Firefox before 45.0 might allow remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via unspecified vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-1973",
          "url": "https://www.suse.com/security/cve/CVE-2016-1973"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969894 for CVE-2016-1973",
          "url": "https://bugzilla.suse.com/969894"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970257 for CVE-2016-1973",
          "url": "https://bugzilla.suse.com/970257"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970377 for CVE-2016-1973",
          "url": "https://bugzilla.suse.com/970377"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970378 for CVE-2016-1973",
          "url": "https://bugzilla.suse.com/970378"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970379 for CVE-2016-1973",
          "url": "https://bugzilla.suse.com/970379"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970380 for CVE-2016-1973",
          "url": "https://bugzilla.suse.com/970380"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970381 for CVE-2016-1973",
          "url": "https://bugzilla.suse.com/970381"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970431 for CVE-2016-1973",
          "url": "https://bugzilla.suse.com/970431"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970433 for CVE-2016-1973",
          "url": "https://bugzilla.suse.com/970433"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-1973"
    },
    {
      "cve": "CVE-2016-1974",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-1974"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The nsScannerString::AppendUnicodeTo function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not verify that memory allocation succeeds, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via crafted Unicode data in an HTML, XML, or SVG document.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-1974",
          "url": "https://www.suse.com/security/cve/CVE-2016-1974"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969894 for CVE-2016-1974",
          "url": "https://bugzilla.suse.com/969894"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-1974"
    },
    {
      "cve": "CVE-2016-1976",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-1976"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the DesktopDisplayDevice class in the WebRTC implementation in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-1976",
          "url": "https://www.suse.com/security/cve/CVE-2016-1976"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969894 for CVE-2016-1976",
          "url": "https://bugzilla.suse.com/969894"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970257 for CVE-2016-1976",
          "url": "https://bugzilla.suse.com/970257"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970377 for CVE-2016-1976",
          "url": "https://bugzilla.suse.com/970377"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970378 for CVE-2016-1976",
          "url": "https://bugzilla.suse.com/970378"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970379 for CVE-2016-1976",
          "url": "https://bugzilla.suse.com/970379"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970380 for CVE-2016-1976",
          "url": "https://bugzilla.suse.com/970380"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970381 for CVE-2016-1976",
          "url": "https://bugzilla.suse.com/970381"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970431 for CVE-2016-1976",
          "url": "https://bugzilla.suse.com/970431"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970433 for CVE-2016-1976",
          "url": "https://bugzilla.suse.com/970433"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-1976"
    },
    {
      "cve": "CVE-2016-1977",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-1977"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Machine::Code::decoder::analysis::set_ref function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via a crafted Graphite smart font.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-1977",
          "url": "https://www.suse.com/security/cve/CVE-2016-1977"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969894 for CVE-2016-1977",
          "url": "https://bugzilla.suse.com/969894"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-1977"
    },
    {
      "cve": "CVE-2016-1979",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-1979"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the PK11_ImportDERPrivateKeyInfoAndReturnKey function in Mozilla Network Security Services (NSS) before 3.21.1, as used in Mozilla Firefox before 45.0, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted key data with DER encoding.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-1979",
          "url": "https://www.suse.com/security/cve/CVE-2016-1979"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969894 for CVE-2016-1979",
          "url": "https://bugzilla.suse.com/969894"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-1979"
    },
    {
      "cve": "CVE-2016-2792",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2792"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2800.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2792",
          "url": "https://www.suse.com/security/cve/CVE-2016-2792"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969894 for CVE-2016-2792",
          "url": "https://bugzilla.suse.com/969894"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-2792"
    },
    {
      "cve": "CVE-2016-2796",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2796"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap-based buffer overflow in the graphite2::vm::Machine::Code::Code function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Graphite smart font.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2796",
          "url": "https://www.suse.com/security/cve/CVE-2016-2796"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969894 for CVE-2016-2796",
          "url": "https://bugzilla.suse.com/969894"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-2796"
    },
    {
      "cve": "CVE-2016-2800",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2800"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2792.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2800",
          "url": "https://www.suse.com/security/cve/CVE-2016-2800"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969894 for CVE-2016-2800",
          "url": "https://bugzilla.suse.com/969894"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-2800"
    },
    {
      "cve": "CVE-2016-2804",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2804"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2804",
          "url": "https://www.suse.com/security/cve/CVE-2016-2804"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 977373 for CVE-2016-2804",
          "url": "https://bugzilla.suse.com/977373"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-2804"
    },
    {
      "cve": "CVE-2016-2808",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2808"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The watch implementation in the JavaScript engine in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allows remote attackers to execute arbitrary code or cause a denial of service (generation-count overflow, out-of-bounds HashMap write access, and application crash) via a crafted web site.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2808",
          "url": "https://www.suse.com/security/cve/CVE-2016-2808"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 977333 for CVE-2016-2808",
          "url": "https://bugzilla.suse.com/977333"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 977386 for CVE-2016-2808",
          "url": "https://bugzilla.suse.com/977386"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-2808"
    },
    {
      "cve": "CVE-2016-2809",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2809"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Mozilla Maintenance Service updater in Mozilla Firefox before 46.0 on Windows allows user-assisted remote attackers to delete arbitrary files by leveraging certain local file execution.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2809",
          "url": "https://www.suse.com/security/cve/CVE-2016-2809"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 977333 for CVE-2016-2809",
          "url": "https://bugzilla.suse.com/977333"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 977377 for CVE-2016-2809",
          "url": "https://bugzilla.suse.com/977377"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-2809"
    },
    {
      "cve": "CVE-2016-2810",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2810"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 46.0 on Android before 5.0 allows attackers to bypass intended Signature access requirements via a crafted application that leverages content-provider permissions, as demonstrated by reading the browser history or a saved password.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2810",
          "url": "https://www.suse.com/security/cve/CVE-2016-2810"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 977333 for CVE-2016-2810",
          "url": "https://bugzilla.suse.com/977333"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 977378 for CVE-2016-2810",
          "url": "https://bugzilla.suse.com/977378"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-2810"
    },
    {
      "cve": "CVE-2016-2811",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2811"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the ServiceWorkerInfo class in the Service Worker subsystem in Mozilla Firefox before 46.0 allows remote attackers to execute arbitrary code via vectors related to the BeginReading method.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2811",
          "url": "https://www.suse.com/security/cve/CVE-2016-2811"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 977379 for CVE-2016-2811",
          "url": "https://bugzilla.suse.com/977379"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-2811"
    },
    {
      "cve": "CVE-2016-2813",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2813"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 46.0 on Android does not properly restrict JavaScript access to orientation and motion data, which allows remote attackers to obtain sensitive information about a device\u0027s physical environment, and possibly discover PIN values, via a crafted web site, a similar issue to CVE-2016-1780.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2813",
          "url": "https://www.suse.com/security/cve/CVE-2016-2813"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 977333 for CVE-2016-2813",
          "url": "https://bugzilla.suse.com/977333"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 977380 for CVE-2016-2813",
          "url": "https://bugzilla.suse.com/977380"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-2813"
    },
    {
      "cve": "CVE-2016-2814",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2814"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap-based buffer overflow in the stagefright::SampleTable::parseSampleCencInfo function in libstagefright in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allows remote attackers to execute arbitrary code via crafted CENC offsets that lead to mismanagement of the sizes table.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2814",
          "url": "https://www.suse.com/security/cve/CVE-2016-2814"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 977333 for CVE-2016-2814",
          "url": "https://bugzilla.suse.com/977333"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 977381 for CVE-2016-2814",
          "url": "https://bugzilla.suse.com/977381"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-2814"
    },
    {
      "cve": "CVE-2016-2815",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2815"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2815",
          "url": "https://www.suse.com/security/cve/CVE-2016-2815"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 983549 for CVE-2016-2815",
          "url": "https://bugzilla.suse.com/983549"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 983638 for CVE-2016-2815",
          "url": "https://bugzilla.suse.com/983638"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-2815"
    },
    {
      "cve": "CVE-2016-2816",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2816"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 46.0 allows remote attackers to bypass the Content Security Policy (CSP) protection mechanism via the multipart/x-mixed-replace content type.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2816",
          "url": "https://www.suse.com/security/cve/CVE-2016-2816"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 977382 for CVE-2016-2816",
          "url": "https://bugzilla.suse.com/977382"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-2816"
    },
    {
      "cve": "CVE-2016-2817",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2817"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The WebExtension sandbox feature in browser/components/extensions/ext-tabs.js in Mozilla Firefox before 46.0 does not properly restrict principal inheritance during chrome.tabs.create and chrome.tabs.update API calls, which allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted extension that accesses a (1) javascript: or (2) data: URL.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2817",
          "url": "https://www.suse.com/security/cve/CVE-2016-2817"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 977384 for CVE-2016-2817",
          "url": "https://bugzilla.suse.com/977384"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-2817"
    },
    {
      "cve": "CVE-2016-2819",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2819"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap-based buffer overflow in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allows remote attackers to execute arbitrary code via foreign-context HTML5 fragments, as demonstrated by fragments within an SVG element.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2819",
          "url": "https://www.suse.com/security/cve/CVE-2016-2819"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 983549 for CVE-2016-2819",
          "url": "https://bugzilla.suse.com/983549"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 983655 for CVE-2016-2819",
          "url": "https://bugzilla.suse.com/983655"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-2819"
    },
    {
      "cve": "CVE-2016-2820",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2820"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Firefox Health Reports (aka FHR or about:healthreport) feature in Mozilla Firefox before 46.0 does not properly restrict the origin of events, which makes it easier for remote attackers to modify sharing preferences by leveraging access to the remote-report IFRAME element.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2820",
          "url": "https://www.suse.com/security/cve/CVE-2016-2820"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 977388 for CVE-2016-2820",
          "url": "https://bugzilla.suse.com/977388"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-2820"
    },
    {
      "cve": "CVE-2016-2821",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2821"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the mozilla::dom::Element class in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2, when contenteditable mode is enabled, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by triggering deletion of DOM elements that were created in the editor.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2821",
          "url": "https://www.suse.com/security/cve/CVE-2016-2821"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 983549 for CVE-2016-2821",
          "url": "https://bugzilla.suse.com/983549"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 983653 for CVE-2016-2821",
          "url": "https://bugzilla.suse.com/983653"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-2821"
    },
    {
      "cve": "CVE-2016-2822",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2822"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to spoof the address bar via a SELECT element with a persistent menu.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2822",
          "url": "https://www.suse.com/security/cve/CVE-2016-2822"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 983549 for CVE-2016-2822",
          "url": "https://bugzilla.suse.com/983549"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 983652 for CVE-2016-2822",
          "url": "https://bugzilla.suse.com/983652"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-2822"
    },
    {
      "cve": "CVE-2016-2824",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2824"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The TSymbolTableLevel class in ANGLE, as used in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 on Windows, allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact by triggering use of a WebGL shader that writes to an array.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2824",
          "url": "https://www.suse.com/security/cve/CVE-2016-2824"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 983549 for CVE-2016-2824",
          "url": "https://bugzilla.suse.com/983549"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 983651 for CVE-2016-2824",
          "url": "https://bugzilla.suse.com/983651"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-2824"
    },
    {
      "cve": "CVE-2016-2825",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2825"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 47.0 allows remote attackers to bypass the Same Origin Policy and modify the location.host property via an invalid data: URL.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2825",
          "url": "https://www.suse.com/security/cve/CVE-2016-2825"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 983549 for CVE-2016-2825",
          "url": "https://bugzilla.suse.com/983549"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 983649 for CVE-2016-2825",
          "url": "https://bugzilla.suse.com/983649"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-2825"
    },
    {
      "cve": "CVE-2016-2827",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2827"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The mozilla::net::IsValidReferrerPolicy function in Mozilla Firefox before 49.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a Content Security Policy (CSP) referrer directive with zero values.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2827",
          "url": "https://www.suse.com/security/cve/CVE-2016-2827"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 999701 for CVE-2016-2827",
          "url": "https://bugzilla.suse.com/999701"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-2827"
    },
    {
      "cve": "CVE-2016-2828",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2828"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allows remote attackers to execute arbitrary code via WebGL content that triggers texture access after destruction of the texture\u0027s recycle pool.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2828",
          "url": "https://www.suse.com/security/cve/CVE-2016-2828"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 983549 for CVE-2016-2828",
          "url": "https://bugzilla.suse.com/983549"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 983646 for CVE-2016-2828",
          "url": "https://bugzilla.suse.com/983646"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-2828"
    },
    {
      "cve": "CVE-2016-2829",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2829"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 47.0 allows remote attackers to spoof permission notifications via a crafted web site that rapidly triggers permission requests, as demonstrated by the microphone permission or the geolocation permission.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2829",
          "url": "https://www.suse.com/security/cve/CVE-2016-2829"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 983549 for CVE-2016-2829",
          "url": "https://bugzilla.suse.com/983549"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 983644 for CVE-2016-2829",
          "url": "https://bugzilla.suse.com/983644"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-2829"
    },
    {
      "cve": "CVE-2016-2830",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2830"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 preserve the network connection used for favicon resource retrieval after the associated browser window is closed, which makes it easier for remote web servers to track users by observing network traffic from multiple IP addresses.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2830",
          "url": "https://www.suse.com/security/cve/CVE-2016-2830"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 983922 for CVE-2016-2830",
          "url": "https://bugzilla.suse.com/983922"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 991809 for CVE-2016-2830",
          "url": "https://bugzilla.suse.com/991809"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-2830"
    },
    {
      "cve": "CVE-2016-2831",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2831"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 do not ensure that the user approves the fullscreen and pointerlock settings, which allows remote attackers to cause a denial of service (UI outage), or conduct clickjacking or spoofing attacks, via a crafted web site.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2831",
          "url": "https://www.suse.com/security/cve/CVE-2016-2831"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 983549 for CVE-2016-2831",
          "url": "https://bugzilla.suse.com/983549"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 983632 for CVE-2016-2831",
          "url": "https://bugzilla.suse.com/983632"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 983643 for CVE-2016-2831",
          "url": "https://bugzilla.suse.com/983643"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-2831"
    },
    {
      "cve": "CVE-2016-2832",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2832"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 47.0 allows remote attackers to discover the list of disabled plugins via a fingerprinting attack involving Cascading Style Sheets (CSS) pseudo-classes.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2832",
          "url": "https://www.suse.com/security/cve/CVE-2016-2832"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 983549 for CVE-2016-2832",
          "url": "https://bugzilla.suse.com/983549"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 983632 for CVE-2016-2832",
          "url": "https://bugzilla.suse.com/983632"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-2832"
    },
    {
      "cve": "CVE-2016-2833",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2833"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 47.0 ignores Content Security Policy (CSP) directives for cross-domain Java applets, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted applet.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2833",
          "url": "https://www.suse.com/security/cve/CVE-2016-2833"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 983549 for CVE-2016-2833",
          "url": "https://bugzilla.suse.com/983549"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 983640 for CVE-2016-2833",
          "url": "https://bugzilla.suse.com/983640"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-2833"
    },
    {
      "cve": "CVE-2016-2834",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2834"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Network Security Services (NSS) before 3.23, as used in Mozilla Firefox before 47.0, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2834",
          "url": "https://www.suse.com/security/cve/CVE-2016-2834"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 983549 for CVE-2016-2834",
          "url": "https://bugzilla.suse.com/983549"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 983639 for CVE-2016-2834",
          "url": "https://bugzilla.suse.com/983639"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-2834"
    },
    {
      "cve": "CVE-2016-2835",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2835"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 48.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2835",
          "url": "https://www.suse.com/security/cve/CVE-2016-2835"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 991809 for CVE-2016-2835",
          "url": "https://bugzilla.suse.com/991809"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-2835"
    },
    {
      "cve": "CVE-2016-2837",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2837"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap-based buffer overflow in the ClearKey Content Decryption Module (CDM) in the Encrypted Media Extensions (EME) API in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 might allow remote attackers to execute arbitrary code by providing a malformed video and leveraging a Gecko Media Plugin (GMP) sandbox bypass.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2837",
          "url": "https://www.suse.com/security/cve/CVE-2016-2837"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 991809 for CVE-2016-2837",
          "url": "https://bugzilla.suse.com/991809"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-2837"
    },
    {
      "cve": "CVE-2016-2838",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2838"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap-based buffer overflow in the nsBidi::BracketData::AddOpening function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via directional content in an SVG document.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2838",
          "url": "https://www.suse.com/security/cve/CVE-2016-2838"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 991809 for CVE-2016-2838",
          "url": "https://bugzilla.suse.com/991809"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-2838"
    },
    {
      "cve": "CVE-2016-2839",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2839"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 on Linux make cairo _cairo_surface_get_extents calls that do not properly interact with libav header allocation in FFmpeg 0.10, which allows remote attackers to cause a denial of service (application crash) via a crafted video.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2839",
          "url": "https://www.suse.com/security/cve/CVE-2016-2839"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 991809 for CVE-2016-2839",
          "url": "https://bugzilla.suse.com/991809"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-2839"
    },
    {
      "cve": "CVE-2016-5250",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-5250"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 48.0, Firefox ESR \u003c 45.4 and Thunderbird \u003c 45.4 allow remote attackers to obtain sensitive information about the previously retrieved page via Resource Timing API calls.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-5250",
          "url": "https://www.suse.com/security/cve/CVE-2016-5250"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 991809 for CVE-2016-5250",
          "url": "https://bugzilla.suse.com/991809"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 999701 for CVE-2016-5250",
          "url": "https://bugzilla.suse.com/999701"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-5250"
    },
    {
      "cve": "CVE-2016-5251",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-5251"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 48.0 allows remote attackers to spoof the location bar via crafted characters in the media type of a data: URL.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-5251",
          "url": "https://www.suse.com/security/cve/CVE-2016-5251"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 991809 for CVE-2016-5251",
          "url": "https://bugzilla.suse.com/991809"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-5251"
    },
    {
      "cve": "CVE-2016-5252",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-5252"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Stack-based buffer underflow in the mozilla::gfx::BasePoint4d function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via crafted two-dimensional graphics data that is mishandled during clipping-region calculations.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-5252",
          "url": "https://www.suse.com/security/cve/CVE-2016-5252"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 991809 for CVE-2016-5252",
          "url": "https://bugzilla.suse.com/991809"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-5252"
    },
    {
      "cve": "CVE-2016-5253",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-5253"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Updater in Mozilla Firefox before 48.0 on Windows allows local users to write to arbitrary files via vectors involving the callback application-path parameter and a hard link.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-5253",
          "url": "https://www.suse.com/security/cve/CVE-2016-5253"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 991809 for CVE-2016-5253",
          "url": "https://bugzilla.suse.com/991809"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-5253"
    },
    {
      "cve": "CVE-2016-5254",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-5254"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the nsXULPopupManager::KeyDown function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) by leveraging keyboard access to use the Alt key during selection of top-level menu items.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-5254",
          "url": "https://www.suse.com/security/cve/CVE-2016-5254"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 991809 for CVE-2016-5254",
          "url": "https://bugzilla.suse.com/991809"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-5254"
    },
    {
      "cve": "CVE-2016-5255",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-5255"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the js::PreliminaryObjectArray::sweep function in Mozilla Firefox before 48.0 allows remote attackers to execute arbitrary code via crafted JavaScript that is mishandled during incremental garbage collection.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-5255",
          "url": "https://www.suse.com/security/cve/CVE-2016-5255"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 991809 for CVE-2016-5255",
          "url": "https://bugzilla.suse.com/991809"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-5255"
    },
    {
      "cve": "CVE-2016-5256",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-5256"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 49.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-5256",
          "url": "https://www.suse.com/security/cve/CVE-2016-5256"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 999701 for CVE-2016-5256",
          "url": "https://bugzilla.suse.com/999701"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-5256"
    },
    {
      "cve": "CVE-2016-5257",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-5257"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4 and Thunderbird \u003c 45.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-5257",
          "url": "https://www.suse.com/security/cve/CVE-2016-5257"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 999701 for CVE-2016-5257",
          "url": "https://bugzilla.suse.com/999701"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-5257"
    },
    {
      "cve": "CVE-2016-5258",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-5258"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the WebRTC socket thread in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code by leveraging incorrect free operations on DTLS objects during the shutdown of a WebRTC session.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-5258",
          "url": "https://www.suse.com/security/cve/CVE-2016-5258"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 991809 for CVE-2016-5258",
          "url": "https://bugzilla.suse.com/991809"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-5258"
    },
    {
      "cve": "CVE-2016-5259",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-5259"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via a script that closes its own Service Worker within a nested sync event loop.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-5259",
          "url": "https://www.suse.com/security/cve/CVE-2016-5259"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 991809 for CVE-2016-5259",
          "url": "https://bugzilla.suse.com/991809"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-5259"
    },
    {
      "cve": "CVE-2016-5260",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-5260"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 48.0 mishandles changes from \u0027INPUT type=\"password\"\u0027 to \u0027INPUT type=\"text\"\u0027 within a single Session Manager session, which might allow attackers to discover cleartext passwords by reading a session restoration file.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-5260",
          "url": "https://www.suse.com/security/cve/CVE-2016-5260"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 991809 for CVE-2016-5260",
          "url": "https://bugzilla.suse.com/991809"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-5260"
    },
    {
      "cve": "CVE-2016-5261",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-5261"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Integer overflow in the WebSocketChannel class in the WebSockets subsystem in Mozilla Firefox before 48.0 and Firefox ESR \u003c 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted packets that trigger incorrect buffer-resize operations during buffering.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-5261",
          "url": "https://www.suse.com/security/cve/CVE-2016-5261"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 991809 for CVE-2016-5261",
          "url": "https://bugzilla.suse.com/991809"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 999701 for CVE-2016-5261",
          "url": "https://bugzilla.suse.com/999701"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-5261"
    },
    {
      "cve": "CVE-2016-5262",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-5262"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 process JavaScript event-handler attributes of a MARQUEE element within a sandboxed IFRAME element that lacks the sandbox=\"allow-scripts\" attribute value, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-5262",
          "url": "https://www.suse.com/security/cve/CVE-2016-5262"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 991809 for CVE-2016-5262",
          "url": "https://bugzilla.suse.com/991809"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-5262"
    },
    {
      "cve": "CVE-2016-5263",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-5263"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The nsDisplayList::HitTest function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 mishandles rendering display transformation, which allows remote attackers to execute arbitrary code via a crafted web site that leverages \"type confusion.\"",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-5263",
          "url": "https://www.suse.com/security/cve/CVE-2016-5263"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 991809 for CVE-2016-5263",
          "url": "https://bugzilla.suse.com/991809"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-5263"
    },
    {
      "cve": "CVE-2016-5264",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-5264"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the nsNodeUtils::NativeAnonymousChildListChange function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG element that is mishandled during effect application.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-5264",
          "url": "https://www.suse.com/security/cve/CVE-2016-5264"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 991809 for CVE-2016-5264",
          "url": "https://bugzilla.suse.com/991809"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-5264"
    },
    {
      "cve": "CVE-2016-5265",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-5265"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allow user-assisted remote attackers to bypass the Same Origin Policy, and conduct Universal XSS (UXSS) attacks or read arbitrary files, by arranging for the presence of a crafted HTML document and a crafted shortcut file in the same local directory.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-5265",
          "url": "https://www.suse.com/security/cve/CVE-2016-5265"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 991809 for CVE-2016-5265",
          "url": "https://bugzilla.suse.com/991809"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-5265"
    },
    {
      "cve": "CVE-2016-5266",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-5266"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 48.0 does not properly restrict drag-and-drop (aka dataTransfer) actions for file: URIs, which allows user-assisted remote attackers to access local files via a crafted web site.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-5266",
          "url": "https://www.suse.com/security/cve/CVE-2016-5266"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 991809 for CVE-2016-5266",
          "url": "https://bugzilla.suse.com/991809"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-5266"
    },
    {
      "cve": "CVE-2016-5267",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-5267"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 48.0 on Android allows remote attackers to spoof the address bar via left-to-right characters in conjunction with a right-to-left character set.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-5267",
          "url": "https://www.suse.com/security/cve/CVE-2016-5267"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 991809 for CVE-2016-5267",
          "url": "https://bugzilla.suse.com/991809"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-5267"
    },
    {
      "cve": "CVE-2016-5268",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-5268"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 48.0 does not properly set the LINKABLE and URI_SAFE_FOR_UNTRUSTED_CONTENT flags of about: URLs that are used for error pages, which makes it easier for remote attackers to conduct spoofing attacks via a crafted URL, as demonstrated by misleading text after an about:neterror?d= substring.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-5268",
          "url": "https://www.suse.com/security/cve/CVE-2016-5268"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 991809 for CVE-2016-5268",
          "url": "https://bugzilla.suse.com/991809"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-5268"
    },
    {
      "cve": "CVE-2016-5270",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-5270"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap-based buffer overflow in the nsCaseTransformTextRunFactory::TransformString function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird \u003c 45.4 allows remote attackers to cause a denial of service (boolean out-of-bounds write) or possibly have unspecified other impact via Unicode characters that are mishandled during text conversion.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-5270",
          "url": "https://www.suse.com/security/cve/CVE-2016-5270"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 999701 for CVE-2016-5270",
          "url": "https://bugzilla.suse.com/999701"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-5270"
    },
    {
      "cve": "CVE-2016-5271",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-5271"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The PropertyProvider::GetSpacingInternal function in Mozilla Firefox before 49.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via text runs in conjunction with a \"display: contents\" Cascading Style Sheets (CSS) property.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-5271",
          "url": "https://www.suse.com/security/cve/CVE-2016-5271"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 999701 for CVE-2016-5271",
          "url": "https://bugzilla.suse.com/999701"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-5271"
    },
    {
      "cve": "CVE-2016-5272",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-5272"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The nsImageGeometryMixin class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird \u003c 45.4 does not properly perform a cast of an unspecified variable during handling of INPUT elements, which allows remote attackers to execute arbitrary code via a crafted web site.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-5272",
          "url": "https://www.suse.com/security/cve/CVE-2016-5272"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 999701 for CVE-2016-5272",
          "url": "https://bugzilla.suse.com/999701"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-5272"
    },
    {
      "cve": "CVE-2016-5273",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-5273"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The mozilla::a11y::HyperTextAccessible::GetChildOffset function in the accessibility implementation in Mozilla Firefox before 49.0 allows remote attackers to execute arbitrary code via a crafted web site.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-5273",
          "url": "https://www.suse.com/security/cve/CVE-2016-5273"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 999701 for CVE-2016-5273",
          "url": "https://bugzilla.suse.com/999701"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-5273"
    },
    {
      "cve": "CVE-2016-5274",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-5274"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the nsFrameManager::CaptureFrameState function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird \u003c 45.4 allows remote attackers to execute arbitrary code by leveraging improper interaction between restyling and the Web Animations model implementation.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-5274",
          "url": "https://www.suse.com/security/cve/CVE-2016-5274"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 999701 for CVE-2016-5274",
          "url": "https://bugzilla.suse.com/999701"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-5274"
    },
    {
      "cve": "CVE-2016-5275",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-5275"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Buffer overflow in the mozilla::gfx::FilterSupport::ComputeSourceNeededRegions function in Mozilla Firefox before 49.0 allows remote attackers to execute arbitrary code by leveraging improper interaction between empty filters and CANVAS element rendering.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-5275",
          "url": "https://www.suse.com/security/cve/CVE-2016-5275"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 999701 for CVE-2016-5275",
          "url": "https://bugzilla.suse.com/999701"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-5275"
    },
    {
      "cve": "CVE-2016-5276",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-5276"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the mozilla::a11y::DocAccessible::ProcessInvalidationList function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird \u003c 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an aria-owns attribute.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-5276",
          "url": "https://www.suse.com/security/cve/CVE-2016-5276"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 999701 for CVE-2016-5276",
          "url": "https://bugzilla.suse.com/999701"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-5276"
    },
    {
      "cve": "CVE-2016-5277",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-5277"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the nsRefreshDriver::Tick function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird \u003c 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging improper interaction between timeline destruction and the Web Animations model implementation.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-5277",
          "url": "https://www.suse.com/security/cve/CVE-2016-5277"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 999701 for CVE-2016-5277",
          "url": "https://bugzilla.suse.com/999701"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-5277"
    },
    {
      "cve": "CVE-2016-5278",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-5278"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap-based buffer overflow in the nsBMPEncoder::AddImageFrame function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird \u003c 45.4 allows remote attackers to execute arbitrary code via a crafted image data that is mishandled during the encoding of an image frame to an image.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-5278",
          "url": "https://www.suse.com/security/cve/CVE-2016-5278"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 999701 for CVE-2016-5278",
          "url": "https://bugzilla.suse.com/999701"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-5278"
    },
    {
      "cve": "CVE-2016-5279",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-5279"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 49.0 allows user-assisted remote attackers to obtain sensitive full-pathname information during a local-file drag-and-drop operation via crafted JavaScript code.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-5279",
          "url": "https://www.suse.com/security/cve/CVE-2016-5279"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 999701 for CVE-2016-5279",
          "url": "https://bugzilla.suse.com/999701"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-5279"
    },
    {
      "cve": "CVE-2016-5280",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-5280"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird \u003c 45.4 allows remote attackers to execute arbitrary code via bidirectional text.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-5280",
          "url": "https://www.suse.com/security/cve/CVE-2016-5280"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 999701 for CVE-2016-5280",
          "url": "https://bugzilla.suse.com/999701"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-5280"
    },
    {
      "cve": "CVE-2016-5281",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-5281"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the DOMSVGLength class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird \u003c 45.4 allows remote attackers to execute arbitrary code by leveraging improper interaction between JavaScript code and an SVG document.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-5281",
          "url": "https://www.suse.com/security/cve/CVE-2016-5281"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 999701 for CVE-2016-5281",
          "url": "https://bugzilla.suse.com/999701"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-5281"
    },
    {
      "cve": "CVE-2016-5282",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-5282"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 49.0 does not properly restrict the scheme in favicon requests, which might allow remote attackers to obtain sensitive information via unspecified vectors, as demonstrated by a jar: URL for a favicon resource.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-5282",
          "url": "https://www.suse.com/security/cve/CVE-2016-5282"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 999701 for CVE-2016-5282",
          "url": "https://bugzilla.suse.com/999701"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-5282"
    },
    {
      "cve": "CVE-2016-5283",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-5283"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 49.0 allows remote attackers to bypass the Same Origin Policy via a crafted fragment identifier in the SRC attribute of an IFRAME element, leading to insufficient restrictions on link-color information after a document is resized.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-5283",
          "url": "https://www.suse.com/security/cve/CVE-2016-5283"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 999701 for CVE-2016-5283",
          "url": "https://bugzilla.suse.com/999701"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-5283"
    },
    {
      "cve": "CVE-2016-5284",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-5284"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird \u003c 45.4 rely on unintended expiration dates for Preloaded Public Key Pinning, which allows man-in-the-middle attackers to spoof add-on updates by leveraging possession of an X.509 server certificate for addons.mozilla.org signed by an arbitrary built-in Certification Authority.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-5284",
          "url": "https://www.suse.com/security/cve/CVE-2016-5284"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 999701 for CVE-2016-5284",
          "url": "https://bugzilla.suse.com/999701"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-5284"
    },
    {
      "cve": "CVE-2016-5287",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-5287"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A potentially exploitable use-after-free crash during actor destruction with service workers. This issue does not affect releases earlier than Firefox 49. This vulnerability affects Firefox \u003c 49.0.2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-5287",
          "url": "https://www.suse.com/security/cve/CVE-2016-5287"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1006475 for CVE-2016-5287",
          "url": "https://bugzilla.suse.com/1006475"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-5287"
    },
    {
      "cve": "CVE-2016-5288",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-5288"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Web content could access information in the HTTP cache if e10s is disabled. This can reveal some visited URLs and the contents of those pages. This issue affects Firefox 48 and 49. This vulnerability affects Firefox \u003c 49.0.2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-5288",
          "url": "https://www.suse.com/security/cve/CVE-2016-5288"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1006476 for CVE-2016-5288",
          "url": "https://bugzilla.suse.com/1006476"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-5288"
    },
    {
      "cve": "CVE-2016-5289",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-5289"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs were reported in Firefox 49. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 50.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-5289",
          "url": "https://www.suse.com/security/cve/CVE-2016-5289"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1009026 for CVE-2016-5289",
          "url": "https://bugzilla.suse.com/1009026"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1010426 for CVE-2016-5289",
          "url": "https://bugzilla.suse.com/1010426"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-5289"
    },
    {
      "cve": "CVE-2016-5290",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-5290"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs were reported in Firefox 49 and Firefox ESR 45.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 45.5, Firefox ESR \u003c 45.5, and Firefox \u003c 50.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-5290",
          "url": "https://www.suse.com/security/cve/CVE-2016-5290"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1009026 for CVE-2016-5290",
          "url": "https://bugzilla.suse.com/1009026"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1010427 for CVE-2016-5290",
          "url": "https://bugzilla.suse.com/1010427"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-5290"
    },
    {
      "cve": "CVE-2016-5291",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-5291"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A same-origin policy bypass with local shortcut files to load arbitrary local content from disk. This vulnerability affects Thunderbird \u003c 45.5, Firefox ESR \u003c 45.5, and Firefox \u003c 50.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-5291",
          "url": "https://www.suse.com/security/cve/CVE-2016-5291"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1009026 for CVE-2016-5291",
          "url": "https://bugzilla.suse.com/1009026"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1010410 for CVE-2016-5291",
          "url": "https://bugzilla.suse.com/1010410"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-5291"
    },
    {
      "cve": "CVE-2016-5292",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-5292"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "During URL parsing, a maliciously crafted URL can cause a potentially exploitable crash. This vulnerability affects Firefox \u003c 50.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-5292",
          "url": "https://www.suse.com/security/cve/CVE-2016-5292"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1009026 for CVE-2016-5292",
          "url": "https://bugzilla.suse.com/1009026"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1010399 for CVE-2016-5292",
          "url": "https://bugzilla.suse.com/1010399"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-5292"
    },
    {
      "cve": "CVE-2016-5293",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-5293"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When the Mozilla Updater is run, if the Updater\u0027s log file in the working directory points to a hardlink, data can be appended to an arbitrary local file. This vulnerability requires local system access. Note: this issue only affects Windows operating systems. This vulnerability affects Firefox ESR \u003c 45.5 and Firefox \u003c 50.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-5293",
          "url": "https://www.suse.com/security/cve/CVE-2016-5293"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1009026 for CVE-2016-5293",
          "url": "https://bugzilla.suse.com/1009026"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1010400 for CVE-2016-5293",
          "url": "https://bugzilla.suse.com/1010400"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-5293"
    },
    {
      "cve": "CVE-2016-5294",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-5294"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Mozilla Updater can be made to choose an arbitrary target working directory for output files resulting from the update process. This vulnerability requires local system access. Note: this issue only affects Windows operating systems. This vulnerability affects Thunderbird \u003c 45.5, Firefox ESR \u003c 45.5, and Firefox \u003c 50.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-5294",
          "url": "https://www.suse.com/security/cve/CVE-2016-5294"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1009026 for CVE-2016-5294",
          "url": "https://bugzilla.suse.com/1009026"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1010396 for CVE-2016-5294",
          "url": "https://bugzilla.suse.com/1010396"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-5294"
    },
    {
      "cve": "CVE-2016-5295",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-5295"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "This vulnerability allows an attacker to use the Mozilla Maintenance Service to escalate privilege by having the Maintenance Service invoke the Mozilla Updater to run malicious local files. This vulnerability requires local system access and is a variant of MFSA2013-44. Note: this issue only affects Windows operating systems. This vulnerability affects Firefox \u003c 50.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-5295",
          "url": "https://www.suse.com/security/cve/CVE-2016-5295"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1009026 for CVE-2016-5295",
          "url": "https://bugzilla.suse.com/1009026"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1010411 for CVE-2016-5295",
          "url": "https://bugzilla.suse.com/1010411"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-5295"
    },
    {
      "cve": "CVE-2016-5296",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-5296"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A heap-buffer-overflow in Cairo when processing SVG content caused by compiler optimization, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 45.5, Firefox ESR \u003c 45.5, and Firefox \u003c 50.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-5296",
          "url": "https://www.suse.com/security/cve/CVE-2016-5296"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1009026 for CVE-2016-5296",
          "url": "https://bugzilla.suse.com/1009026"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1010395 for CVE-2016-5296",
          "url": "https://bugzilla.suse.com/1010395"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-5296"
    },
    {
      "cve": "CVE-2016-5297",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-5297"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An error in argument length checking in JavaScript, leading to potential integer overflows or other bounds checking issues. This vulnerability affects Thunderbird \u003c 45.5, Firefox ESR \u003c 45.5, and Firefox \u003c 50.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-5297",
          "url": "https://www.suse.com/security/cve/CVE-2016-5297"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1009026 for CVE-2016-5297",
          "url": "https://bugzilla.suse.com/1009026"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1010401 for CVE-2016-5297",
          "url": "https://bugzilla.suse.com/1010401"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-5297"
    },
    {
      "cve": "CVE-2016-5298",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-5298"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A mechanism where disruption of the loading of a new web page can cause the previous page\u0027s favicon and SSL indicator to not be reset when the new page is loaded. Note: this issue only affects Firefox for Android. Desktop Firefox is unaffected. This vulnerability affects Firefox \u003c 50.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-5298",
          "url": "https://www.suse.com/security/cve/CVE-2016-5298"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1009026 for CVE-2016-5298",
          "url": "https://bugzilla.suse.com/1009026"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1010412 for CVE-2016-5298",
          "url": "https://bugzilla.suse.com/1010412"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-5298"
    },
    {
      "cve": "CVE-2016-5299",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-5299"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A previously installed malicious Android application with same signature-level permissions as Firefox can intercept AuthTokens meant for Firefox only. Note: This issue only affects Firefox for Android. Other versions and operating systems are unaffected. This vulnerability affects Firefox \u003c 50.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-5299",
          "url": "https://www.suse.com/security/cve/CVE-2016-5299"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1009026 for CVE-2016-5299",
          "url": "https://bugzilla.suse.com/1009026"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1010413 for CVE-2016-5299",
          "url": "https://bugzilla.suse.com/1010413"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-5299"
    },
    {
      "cve": "CVE-2016-6354",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-6354"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap-based buffer overflow in the yy_get_next_buffer function in Flex before 2.6.1 might allow context-dependent attackers to cause a denial of service or possibly execute arbitrary code via vectors involving num_to_read.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-6354",
          "url": "https://www.suse.com/security/cve/CVE-2016-6354"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1026047 for CVE-2016-6354",
          "url": "https://bugzilla.suse.com/1026047"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035082 for CVE-2016-6354",
          "url": "https://bugzilla.suse.com/1035082"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035209 for CVE-2016-6354",
          "url": "https://bugzilla.suse.com/1035209"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 990856 for CVE-2016-6354",
          "url": "https://bugzilla.suse.com/990856"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2016-6354"
    },
    {
      "cve": "CVE-2016-9061",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-9061"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A previously installed malicious Android application which defines a specific signature-level permissions used by Firefox can access API keys meant for Firefox only. Note: This issue only affects Firefox for Android. Other versions and operating systems are unaffected. This vulnerability affects Firefox \u003c 50.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-9061",
          "url": "https://www.suse.com/security/cve/CVE-2016-9061"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1009026 for CVE-2016-9061",
          "url": "https://bugzilla.suse.com/1009026"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1010418 for CVE-2016-9061",
          "url": "https://bugzilla.suse.com/1010418"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-9061"
    },
    {
      "cve": "CVE-2016-9062",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-9062"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Private browsing mode leaves metadata information, such as URLs, for sites visited in \"browser.db\" and \"browser.db-wal\" files within the Firefox profile after the mode is exited. Note: This issue only affects Firefox for Android. Other versions and operating systems are unaffected. This vulnerability affects Firefox \u003c 50.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-9062",
          "url": "https://www.suse.com/security/cve/CVE-2016-9062"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1009026 for CVE-2016-9062",
          "url": "https://bugzilla.suse.com/1009026"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1010419 for CVE-2016-9062",
          "url": "https://bugzilla.suse.com/1010419"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-9062"
    },
    {
      "cve": "CVE-2016-9063",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-9063"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An integer overflow during the parsing of XML using the Expat library. This vulnerability affects Firefox \u003c 50.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-9063",
          "url": "https://www.suse.com/security/cve/CVE-2016-9063"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1009026 for CVE-2016-9063",
          "url": "https://bugzilla.suse.com/1009026"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1010424 for CVE-2016-9063",
          "url": "https://bugzilla.suse.com/1010424"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1047240 for CVE-2016-9063",
          "url": "https://bugzilla.suse.com/1047240"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123115 for CVE-2016-9063",
          "url": "https://bugzilla.suse.com/1123115"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2016-9063"
    },
    {
      "cve": "CVE-2016-9064",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-9064"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Add-on updates failed to verify that the add-on ID inside the signed package matched the ID of the add-on being updated. An attacker who could perform a man-in-the-middle attack on the user\u0027s connection to the update server and defeat the certificate pinning protection could provide a malicious signed add-on instead of a valid update. This vulnerability affects Firefox ESR \u003c 45.5 and Firefox \u003c 50.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-9064",
          "url": "https://www.suse.com/security/cve/CVE-2016-9064"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1009026 for CVE-2016-9064",
          "url": "https://bugzilla.suse.com/1009026"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1010402 for CVE-2016-9064",
          "url": "https://bugzilla.suse.com/1010402"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-9064"
    },
    {
      "cve": "CVE-2016-9065",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-9065"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The location bar in Firefox for Android can be spoofed by forcing a user into fullscreen mode, blocking its exiting, and creating of a fake location bar without any user notification. Note: This issue only affects Firefox for Android. Other versions and operating systems are unaffected. This vulnerability affects Firefox \u003c 50.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-9065",
          "url": "https://www.suse.com/security/cve/CVE-2016-9065"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1009026 for CVE-2016-9065",
          "url": "https://bugzilla.suse.com/1009026"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1010403 for CVE-2016-9065",
          "url": "https://bugzilla.suse.com/1010403"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-9065"
    },
    {
      "cve": "CVE-2016-9066",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-9066"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A buffer overflow resulting in a potentially exploitable crash due to memory allocation issues when handling large amounts of incoming data. This vulnerability affects Thunderbird \u003c 45.5, Firefox ESR \u003c 45.5, and Firefox \u003c 50.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-9066",
          "url": "https://www.suse.com/security/cve/CVE-2016-9066"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1009026 for CVE-2016-9066",
          "url": "https://bugzilla.suse.com/1009026"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1010404 for CVE-2016-9066",
          "url": "https://bugzilla.suse.com/1010404"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-9066"
    },
    {
      "cve": "CVE-2016-9067",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-9067"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Two use-after-free errors during DOM operations resulting in potentially exploitable crashes. This vulnerability affects Firefox \u003c 50.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-9067",
          "url": "https://www.suse.com/security/cve/CVE-2016-9067"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1009026 for CVE-2016-9067",
          "url": "https://bugzilla.suse.com/1009026"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1010405 for CVE-2016-9067",
          "url": "https://bugzilla.suse.com/1010405"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-9067"
    },
    {
      "cve": "CVE-2016-9068",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-9068"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free during web animations when working with timelines resulting in a potentially exploitable crash. This vulnerability affects Firefox \u003c 50.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-9068",
          "url": "https://www.suse.com/security/cve/CVE-2016-9068"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1009026 for CVE-2016-9068",
          "url": "https://bugzilla.suse.com/1009026"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1010406 for CVE-2016-9068",
          "url": "https://bugzilla.suse.com/1010406"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-9068"
    },
    {
      "cve": "CVE-2016-9069",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-9069"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free in nsINode::ReplaceOrInsertBefore during DOM operations resulting in potentially exploitable crashes. This vulnerability affects Firefox \u003c 50.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-9069",
          "url": "https://www.suse.com/security/cve/CVE-2016-9069"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1009026 for CVE-2016-9069",
          "url": "https://bugzilla.suse.com/1009026"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1010405 for CVE-2016-9069",
          "url": "https://bugzilla.suse.com/1010405"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-9069"
    },
    {
      "cve": "CVE-2016-9070",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-9070"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A maliciously crafted page loaded to the sidebar through a bookmark can reference a privileged chrome window and engage in limited JavaScript operations violating cross-origin protections. This vulnerability affects Firefox \u003c 50.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-9070",
          "url": "https://www.suse.com/security/cve/CVE-2016-9070"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1009026 for CVE-2016-9070",
          "url": "https://bugzilla.suse.com/1009026"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1010420 for CVE-2016-9070",
          "url": "https://bugzilla.suse.com/1010420"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2016-9070"
    },
    {
      "cve": "CVE-2016-9071",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-9071"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Content Security Policy combined with HTTP to HTTPS redirection can be used by malicious server to verify whether a known site is within a user\u0027s browser history. This vulnerability affects Firefox \u003c 50.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-9071",
          "url": "https://www.suse.com/security/cve/CVE-2016-9071"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1009026 for CVE-2016-9071",
          "url": "https://bugzilla.suse.com/1009026"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1010425 for CVE-2016-9071",
          "url": "https://bugzilla.suse.com/1010425"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2016-9071"
    },
    {
      "cve": "CVE-2016-9072",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-9072"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When a new Firefox profile is created on 64-bit Windows installations, the sandbox for 64-bit NPAPI plugins is not enabled by default. Note: This issue only affects 64-bit Windows. 32-bit Windows and other operating systems are unaffected. This vulnerability affects Firefox \u003c 50.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-9072",
          "url": "https://www.suse.com/security/cve/CVE-2016-9072"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1009026 for CVE-2016-9072",
          "url": "https://bugzilla.suse.com/1009026"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1010407 for CVE-2016-9072",
          "url": "https://bugzilla.suse.com/1010407"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-9072"
    },
    {
      "cve": "CVE-2016-9073",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-9073"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "WebExtensions can bypass security checks to load privileged URLs and potentially escape the WebExtension sandbox. This vulnerability affects Firefox \u003c 50.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-9073",
          "url": "https://www.suse.com/security/cve/CVE-2016-9073"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1009026 for CVE-2016-9073",
          "url": "https://bugzilla.suse.com/1009026"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1010421 for CVE-2016-9073",
          "url": "https://bugzilla.suse.com/1010421"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2016-9073"
    },
    {
      "cve": "CVE-2016-9074",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-9074"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An existing mitigation of timing side-channel attacks is insufficient in some circumstances. This issue is addressed in Network Security Services (NSS) 3.26.1. This vulnerability affects Thunderbird \u003c 45.5, Firefox ESR \u003c 45.5, and Firefox \u003c 50.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-9074",
          "url": "https://www.suse.com/security/cve/CVE-2016-9074"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1009026 for CVE-2016-9074",
          "url": "https://bugzilla.suse.com/1009026"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1010422 for CVE-2016-9074",
          "url": "https://bugzilla.suse.com/1010422"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2016-9074"
    },
    {
      "cve": "CVE-2016-9075",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-9075"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue where WebExtensions can use the mozAddonManager API to elevate privilege due to privileged pages being allowed in the permissions list. This allows a malicious extension to then install additional extensions without explicit user permission. This vulnerability affects Firefox \u003c 50.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-9075",
          "url": "https://www.suse.com/security/cve/CVE-2016-9075"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1009026 for CVE-2016-9075",
          "url": "https://bugzilla.suse.com/1009026"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1010408 for CVE-2016-9075",
          "url": "https://bugzilla.suse.com/1010408"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-9075"
    },
    {
      "cve": "CVE-2016-9076",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-9076"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue where a \"\u003cselect\u003e\" dropdown menu can be used to cover location bar content, resulting in potential spoofing attacks. This attack requires e10s to be enabled in order to function. This vulnerability affects Firefox \u003c 50.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-9076",
          "url": "https://www.suse.com/security/cve/CVE-2016-9076"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1009026 for CVE-2016-9076",
          "url": "https://bugzilla.suse.com/1009026"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1010423 for CVE-2016-9076",
          "url": "https://bugzilla.suse.com/1010423"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-9076"
    },
    {
      "cve": "CVE-2016-9077",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-9077"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Canvas allows the use of the \"feDisplacementMap\" filter on images loaded cross-origin. The rendering by the filter is variable depending on the input pixel, allowing for timing attacks when the images are loaded from third party locations. This vulnerability affects Firefox \u003c 50.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-9077",
          "url": "https://www.suse.com/security/cve/CVE-2016-9077"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1009026 for CVE-2016-9077",
          "url": "https://bugzilla.suse.com/1009026"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1010409 for CVE-2016-9077",
          "url": "https://bugzilla.suse.com/1010409"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-9077"
    },
    {
      "cve": "CVE-2016-9078",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-9078"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Redirection from an HTTP connection to a \"data:\" URL assigns the referring site\u0027s origin to the \"data:\" URL in some circumstances. This can result in same-origin violations against a domain if it loads resources from malicious sites. Cross-origin setting of cookies has been demonstrated without the ability to read them. Note: This issue only affects Firefox 49 and 50. This vulnerability affects Firefox \u003c 50.0.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-9078",
          "url": "https://www.suse.com/security/cve/CVE-2016-9078"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1012807 for CVE-2016-9078",
          "url": "https://bugzilla.suse.com/1012807"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-9078"
    },
    {
      "cve": "CVE-2016-9079",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-9079"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability in SVG Animation has been discovered. An exploit built on this vulnerability has been discovered in the wild targeting Firefox and Tor Browser users on Windows. This vulnerability affects Firefox \u003c 50.0.2, Firefox ESR \u003c 45.5.1, and Thunderbird \u003c 45.5.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-9079",
          "url": "https://www.suse.com/security/cve/CVE-2016-9079"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1012964 for CVE-2016-9079",
          "url": "https://bugzilla.suse.com/1012964"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-9079"
    },
    {
      "cve": "CVE-2016-9080",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-9080"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs were reported in Firefox 50.0.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 50.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-9080",
          "url": "https://www.suse.com/security/cve/CVE-2016-9080"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015422 for CVE-2016-9080",
          "url": "https://bugzilla.suse.com/1015422"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015527 for CVE-2016-9080",
          "url": "https://bugzilla.suse.com/1015527"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015528 for CVE-2016-9080",
          "url": "https://bugzilla.suse.com/1015528"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015529 for CVE-2016-9080",
          "url": "https://bugzilla.suse.com/1015529"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015530 for CVE-2016-9080",
          "url": "https://bugzilla.suse.com/1015530"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015531 for CVE-2016-9080",
          "url": "https://bugzilla.suse.com/1015531"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015533 for CVE-2016-9080",
          "url": "https://bugzilla.suse.com/1015533"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015534 for CVE-2016-9080",
          "url": "https://bugzilla.suse.com/1015534"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015535 for CVE-2016-9080",
          "url": "https://bugzilla.suse.com/1015535"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015536 for CVE-2016-9080",
          "url": "https://bugzilla.suse.com/1015536"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015537 for CVE-2016-9080",
          "url": "https://bugzilla.suse.com/1015537"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015538 for CVE-2016-9080",
          "url": "https://bugzilla.suse.com/1015538"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015540 for CVE-2016-9080",
          "url": "https://bugzilla.suse.com/1015540"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015541 for CVE-2016-9080",
          "url": "https://bugzilla.suse.com/1015541"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015542 for CVE-2016-9080",
          "url": "https://bugzilla.suse.com/1015542"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-9080"
    },
    {
      "cve": "CVE-2016-9893",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-9893"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs were reported in Thunderbird 45.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 50.1, Firefox ESR \u003c 45.6, and Thunderbird \u003c 45.6.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-9893",
          "url": "https://www.suse.com/security/cve/CVE-2016-9893"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015422 for CVE-2016-9893",
          "url": "https://bugzilla.suse.com/1015422"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015527 for CVE-2016-9893",
          "url": "https://bugzilla.suse.com/1015527"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015528 for CVE-2016-9893",
          "url": "https://bugzilla.suse.com/1015528"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015529 for CVE-2016-9893",
          "url": "https://bugzilla.suse.com/1015529"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015530 for CVE-2016-9893",
          "url": "https://bugzilla.suse.com/1015530"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015531 for CVE-2016-9893",
          "url": "https://bugzilla.suse.com/1015531"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015533 for CVE-2016-9893",
          "url": "https://bugzilla.suse.com/1015533"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015534 for CVE-2016-9893",
          "url": "https://bugzilla.suse.com/1015534"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015535 for CVE-2016-9893",
          "url": "https://bugzilla.suse.com/1015535"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015536 for CVE-2016-9893",
          "url": "https://bugzilla.suse.com/1015536"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015537 for CVE-2016-9893",
          "url": "https://bugzilla.suse.com/1015537"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015538 for CVE-2016-9893",
          "url": "https://bugzilla.suse.com/1015538"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015540 for CVE-2016-9893",
          "url": "https://bugzilla.suse.com/1015540"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015541 for CVE-2016-9893",
          "url": "https://bugzilla.suse.com/1015541"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015542 for CVE-2016-9893",
          "url": "https://bugzilla.suse.com/1015542"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-9893"
    },
    {
      "cve": "CVE-2016-9894",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-9894"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A buffer overflow in SkiaGl caused when a GrGLBuffer is truncated during allocation. Later writers will overflow the buffer, resulting in a potentially exploitable crash. This vulnerability affects Firefox \u003c 50.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-9894",
          "url": "https://www.suse.com/security/cve/CVE-2016-9894"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015422 for CVE-2016-9894",
          "url": "https://bugzilla.suse.com/1015422"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015527 for CVE-2016-9894",
          "url": "https://bugzilla.suse.com/1015527"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015528 for CVE-2016-9894",
          "url": "https://bugzilla.suse.com/1015528"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015529 for CVE-2016-9894",
          "url": "https://bugzilla.suse.com/1015529"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015530 for CVE-2016-9894",
          "url": "https://bugzilla.suse.com/1015530"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015531 for CVE-2016-9894",
          "url": "https://bugzilla.suse.com/1015531"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015533 for CVE-2016-9894",
          "url": "https://bugzilla.suse.com/1015533"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015534 for CVE-2016-9894",
          "url": "https://bugzilla.suse.com/1015534"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015535 for CVE-2016-9894",
          "url": "https://bugzilla.suse.com/1015535"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015536 for CVE-2016-9894",
          "url": "https://bugzilla.suse.com/1015536"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015537 for CVE-2016-9894",
          "url": "https://bugzilla.suse.com/1015537"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015538 for CVE-2016-9894",
          "url": "https://bugzilla.suse.com/1015538"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015540 for CVE-2016-9894",
          "url": "https://bugzilla.suse.com/1015540"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015541 for CVE-2016-9894",
          "url": "https://bugzilla.suse.com/1015541"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015542 for CVE-2016-9894",
          "url": "https://bugzilla.suse.com/1015542"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-9894"
    },
    {
      "cve": "CVE-2016-9895",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-9895"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Event handlers on \"marquee\" elements were executed despite a strict Content Security Policy (CSP) that disallowed inline JavaScript. This vulnerability affects Firefox \u003c 50.1, Firefox ESR \u003c 45.6, and Thunderbird \u003c 45.6.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-9895",
          "url": "https://www.suse.com/security/cve/CVE-2016-9895"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015422 for CVE-2016-9895",
          "url": "https://bugzilla.suse.com/1015422"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015527 for CVE-2016-9895",
          "url": "https://bugzilla.suse.com/1015527"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015528 for CVE-2016-9895",
          "url": "https://bugzilla.suse.com/1015528"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015529 for CVE-2016-9895",
          "url": "https://bugzilla.suse.com/1015529"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015530 for CVE-2016-9895",
          "url": "https://bugzilla.suse.com/1015530"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015531 for CVE-2016-9895",
          "url": "https://bugzilla.suse.com/1015531"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015533 for CVE-2016-9895",
          "url": "https://bugzilla.suse.com/1015533"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015534 for CVE-2016-9895",
          "url": "https://bugzilla.suse.com/1015534"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015535 for CVE-2016-9895",
          "url": "https://bugzilla.suse.com/1015535"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015536 for CVE-2016-9895",
          "url": "https://bugzilla.suse.com/1015536"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015537 for CVE-2016-9895",
          "url": "https://bugzilla.suse.com/1015537"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015538 for CVE-2016-9895",
          "url": "https://bugzilla.suse.com/1015538"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015540 for CVE-2016-9895",
          "url": "https://bugzilla.suse.com/1015540"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015541 for CVE-2016-9895",
          "url": "https://bugzilla.suse.com/1015541"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015542 for CVE-2016-9895",
          "url": "https://bugzilla.suse.com/1015542"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-9895"
    },
    {
      "cve": "CVE-2016-9896",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-9896"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free while manipulating the \"navigator\" object within WebVR. Note: WebVR is not currently enabled by default. This vulnerability affects Firefox \u003c 50.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-9896",
          "url": "https://www.suse.com/security/cve/CVE-2016-9896"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015422 for CVE-2016-9896",
          "url": "https://bugzilla.suse.com/1015422"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015527 for CVE-2016-9896",
          "url": "https://bugzilla.suse.com/1015527"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015528 for CVE-2016-9896",
          "url": "https://bugzilla.suse.com/1015528"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015529 for CVE-2016-9896",
          "url": "https://bugzilla.suse.com/1015529"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015530 for CVE-2016-9896",
          "url": "https://bugzilla.suse.com/1015530"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015531 for CVE-2016-9896",
          "url": "https://bugzilla.suse.com/1015531"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015533 for CVE-2016-9896",
          "url": "https://bugzilla.suse.com/1015533"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015534 for CVE-2016-9896",
          "url": "https://bugzilla.suse.com/1015534"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015535 for CVE-2016-9896",
          "url": "https://bugzilla.suse.com/1015535"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015536 for CVE-2016-9896",
          "url": "https://bugzilla.suse.com/1015536"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015537 for CVE-2016-9896",
          "url": "https://bugzilla.suse.com/1015537"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015538 for CVE-2016-9896",
          "url": "https://bugzilla.suse.com/1015538"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015540 for CVE-2016-9896",
          "url": "https://bugzilla.suse.com/1015540"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015541 for CVE-2016-9896",
          "url": "https://bugzilla.suse.com/1015541"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015542 for CVE-2016-9896",
          "url": "https://bugzilla.suse.com/1015542"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-9896"
    },
    {
      "cve": "CVE-2016-9897",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-9897"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory corruption resulting in a potentially exploitable crash during WebGL functions using a vector constructor with a varying array within libGLES. This vulnerability affects Firefox \u003c 50.1, Firefox ESR \u003c 45.6, and Thunderbird \u003c 45.6.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-9897",
          "url": "https://www.suse.com/security/cve/CVE-2016-9897"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015422 for CVE-2016-9897",
          "url": "https://bugzilla.suse.com/1015422"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015527 for CVE-2016-9897",
          "url": "https://bugzilla.suse.com/1015527"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015528 for CVE-2016-9897",
          "url": "https://bugzilla.suse.com/1015528"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015529 for CVE-2016-9897",
          "url": "https://bugzilla.suse.com/1015529"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015530 for CVE-2016-9897",
          "url": "https://bugzilla.suse.com/1015530"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015531 for CVE-2016-9897",
          "url": "https://bugzilla.suse.com/1015531"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015533 for CVE-2016-9897",
          "url": "https://bugzilla.suse.com/1015533"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015534 for CVE-2016-9897",
          "url": "https://bugzilla.suse.com/1015534"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015535 for CVE-2016-9897",
          "url": "https://bugzilla.suse.com/1015535"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015536 for CVE-2016-9897",
          "url": "https://bugzilla.suse.com/1015536"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015537 for CVE-2016-9897",
          "url": "https://bugzilla.suse.com/1015537"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015538 for CVE-2016-9897",
          "url": "https://bugzilla.suse.com/1015538"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015540 for CVE-2016-9897",
          "url": "https://bugzilla.suse.com/1015540"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015541 for CVE-2016-9897",
          "url": "https://bugzilla.suse.com/1015541"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015542 for CVE-2016-9897",
          "url": "https://bugzilla.suse.com/1015542"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-9897"
    },
    {
      "cve": "CVE-2016-9898",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-9898"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free resulting in potentially exploitable crash when manipulating DOM subtrees in the Editor. This vulnerability affects Firefox \u003c 50.1, Firefox ESR \u003c 45.6, and Thunderbird \u003c 45.6.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-9898",
          "url": "https://www.suse.com/security/cve/CVE-2016-9898"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015422 for CVE-2016-9898",
          "url": "https://bugzilla.suse.com/1015422"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015527 for CVE-2016-9898",
          "url": "https://bugzilla.suse.com/1015527"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015528 for CVE-2016-9898",
          "url": "https://bugzilla.suse.com/1015528"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015529 for CVE-2016-9898",
          "url": "https://bugzilla.suse.com/1015529"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015530 for CVE-2016-9898",
          "url": "https://bugzilla.suse.com/1015530"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015531 for CVE-2016-9898",
          "url": "https://bugzilla.suse.com/1015531"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015533 for CVE-2016-9898",
          "url": "https://bugzilla.suse.com/1015533"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015534 for CVE-2016-9898",
          "url": "https://bugzilla.suse.com/1015534"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015535 for CVE-2016-9898",
          "url": "https://bugzilla.suse.com/1015535"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015536 for CVE-2016-9898",
          "url": "https://bugzilla.suse.com/1015536"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015537 for CVE-2016-9898",
          "url": "https://bugzilla.suse.com/1015537"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015538 for CVE-2016-9898",
          "url": "https://bugzilla.suse.com/1015538"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015540 for CVE-2016-9898",
          "url": "https://bugzilla.suse.com/1015540"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015541 for CVE-2016-9898",
          "url": "https://bugzilla.suse.com/1015541"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015542 for CVE-2016-9898",
          "url": "https://bugzilla.suse.com/1015542"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-9898"
    },
    {
      "cve": "CVE-2016-9899",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-9899"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free while manipulating DOM events and removing audio elements due to errors in the handling of node adoption. This vulnerability affects Firefox \u003c 50.1, Firefox ESR \u003c 45.6, and Thunderbird \u003c 45.6.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-9899",
          "url": "https://www.suse.com/security/cve/CVE-2016-9899"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015422 for CVE-2016-9899",
          "url": "https://bugzilla.suse.com/1015422"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015527 for CVE-2016-9899",
          "url": "https://bugzilla.suse.com/1015527"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015528 for CVE-2016-9899",
          "url": "https://bugzilla.suse.com/1015528"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015529 for CVE-2016-9899",
          "url": "https://bugzilla.suse.com/1015529"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015530 for CVE-2016-9899",
          "url": "https://bugzilla.suse.com/1015530"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015531 for CVE-2016-9899",
          "url": "https://bugzilla.suse.com/1015531"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015533 for CVE-2016-9899",
          "url": "https://bugzilla.suse.com/1015533"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015534 for CVE-2016-9899",
          "url": "https://bugzilla.suse.com/1015534"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015535 for CVE-2016-9899",
          "url": "https://bugzilla.suse.com/1015535"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015536 for CVE-2016-9899",
          "url": "https://bugzilla.suse.com/1015536"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015537 for CVE-2016-9899",
          "url": "https://bugzilla.suse.com/1015537"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015538 for CVE-2016-9899",
          "url": "https://bugzilla.suse.com/1015538"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015540 for CVE-2016-9899",
          "url": "https://bugzilla.suse.com/1015540"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015541 for CVE-2016-9899",
          "url": "https://bugzilla.suse.com/1015541"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015542 for CVE-2016-9899",
          "url": "https://bugzilla.suse.com/1015542"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-9899"
    },
    {
      "cve": "CVE-2016-9900",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-9900"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "External resources that should be blocked when loaded by SVG images can bypass security restrictions through the use of \"data:\" URLs. This could allow for cross-domain data leakage. This vulnerability affects Firefox \u003c 50.1, Firefox ESR \u003c 45.6, and Thunderbird \u003c 45.6.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-9900",
          "url": "https://www.suse.com/security/cve/CVE-2016-9900"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015422 for CVE-2016-9900",
          "url": "https://bugzilla.suse.com/1015422"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015527 for CVE-2016-9900",
          "url": "https://bugzilla.suse.com/1015527"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015528 for CVE-2016-9900",
          "url": "https://bugzilla.suse.com/1015528"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015529 for CVE-2016-9900",
          "url": "https://bugzilla.suse.com/1015529"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015530 for CVE-2016-9900",
          "url": "https://bugzilla.suse.com/1015530"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015531 for CVE-2016-9900",
          "url": "https://bugzilla.suse.com/1015531"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015533 for CVE-2016-9900",
          "url": "https://bugzilla.suse.com/1015533"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015534 for CVE-2016-9900",
          "url": "https://bugzilla.suse.com/1015534"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015535 for CVE-2016-9900",
          "url": "https://bugzilla.suse.com/1015535"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015536 for CVE-2016-9900",
          "url": "https://bugzilla.suse.com/1015536"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015537 for CVE-2016-9900",
          "url": "https://bugzilla.suse.com/1015537"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015538 for CVE-2016-9900",
          "url": "https://bugzilla.suse.com/1015538"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015540 for CVE-2016-9900",
          "url": "https://bugzilla.suse.com/1015540"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015541 for CVE-2016-9900",
          "url": "https://bugzilla.suse.com/1015541"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015542 for CVE-2016-9900",
          "url": "https://bugzilla.suse.com/1015542"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-9900"
    },
    {
      "cve": "CVE-2016-9901",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-9901"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "HTML tags received from the Pocket server will be processed without sanitization and any JavaScript code executed will be run in the \"about:pocket-saved\" (unprivileged) page, giving it access to Pocket\u0027s messaging API through HTML injection. This vulnerability affects Firefox ESR \u003c 45.6 and Firefox \u003c 50.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-9901",
          "url": "https://www.suse.com/security/cve/CVE-2016-9901"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015422 for CVE-2016-9901",
          "url": "https://bugzilla.suse.com/1015422"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015527 for CVE-2016-9901",
          "url": "https://bugzilla.suse.com/1015527"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015528 for CVE-2016-9901",
          "url": "https://bugzilla.suse.com/1015528"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015529 for CVE-2016-9901",
          "url": "https://bugzilla.suse.com/1015529"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015530 for CVE-2016-9901",
          "url": "https://bugzilla.suse.com/1015530"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015531 for CVE-2016-9901",
          "url": "https://bugzilla.suse.com/1015531"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015533 for CVE-2016-9901",
          "url": "https://bugzilla.suse.com/1015533"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015534 for CVE-2016-9901",
          "url": "https://bugzilla.suse.com/1015534"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015535 for CVE-2016-9901",
          "url": "https://bugzilla.suse.com/1015535"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015536 for CVE-2016-9901",
          "url": "https://bugzilla.suse.com/1015536"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015537 for CVE-2016-9901",
          "url": "https://bugzilla.suse.com/1015537"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015538 for CVE-2016-9901",
          "url": "https://bugzilla.suse.com/1015538"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015540 for CVE-2016-9901",
          "url": "https://bugzilla.suse.com/1015540"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015541 for CVE-2016-9901",
          "url": "https://bugzilla.suse.com/1015541"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015542 for CVE-2016-9901",
          "url": "https://bugzilla.suse.com/1015542"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-9901"
    },
    {
      "cve": "CVE-2016-9902",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-9902"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Pocket toolbar button, once activated, listens for events fired from it\u0027s own pages but does not verify the origin of incoming events. This allows content from other origins to fire events and inject content and commands into the Pocket context. Note: this issue does not affect users with e10s enabled. This vulnerability affects Firefox ESR \u003c 45.6 and Firefox \u003c 50.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-9902",
          "url": "https://www.suse.com/security/cve/CVE-2016-9902"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015422 for CVE-2016-9902",
          "url": "https://bugzilla.suse.com/1015422"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015527 for CVE-2016-9902",
          "url": "https://bugzilla.suse.com/1015527"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015528 for CVE-2016-9902",
          "url": "https://bugzilla.suse.com/1015528"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015529 for CVE-2016-9902",
          "url": "https://bugzilla.suse.com/1015529"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015530 for CVE-2016-9902",
          "url": "https://bugzilla.suse.com/1015530"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015531 for CVE-2016-9902",
          "url": "https://bugzilla.suse.com/1015531"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015533 for CVE-2016-9902",
          "url": "https://bugzilla.suse.com/1015533"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015534 for CVE-2016-9902",
          "url": "https://bugzilla.suse.com/1015534"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015535 for CVE-2016-9902",
          "url": "https://bugzilla.suse.com/1015535"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015536 for CVE-2016-9902",
          "url": "https://bugzilla.suse.com/1015536"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015537 for CVE-2016-9902",
          "url": "https://bugzilla.suse.com/1015537"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015538 for CVE-2016-9902",
          "url": "https://bugzilla.suse.com/1015538"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015540 for CVE-2016-9902",
          "url": "https://bugzilla.suse.com/1015540"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015541 for CVE-2016-9902",
          "url": "https://bugzilla.suse.com/1015541"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015542 for CVE-2016-9902",
          "url": "https://bugzilla.suse.com/1015542"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-9902"
    },
    {
      "cve": "CVE-2016-9903",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-9903"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla\u0027s add-ons SDK had a world-accessible resource with an HTML injection vulnerability. If an additional vulnerability allowed this resource to be loaded as a document it could allow injecting content and script into an add-on\u0027s context. This vulnerability affects Firefox \u003c 50.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-9903",
          "url": "https://www.suse.com/security/cve/CVE-2016-9903"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015422 for CVE-2016-9903",
          "url": "https://bugzilla.suse.com/1015422"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015527 for CVE-2016-9903",
          "url": "https://bugzilla.suse.com/1015527"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015528 for CVE-2016-9903",
          "url": "https://bugzilla.suse.com/1015528"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015529 for CVE-2016-9903",
          "url": "https://bugzilla.suse.com/1015529"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015530 for CVE-2016-9903",
          "url": "https://bugzilla.suse.com/1015530"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015531 for CVE-2016-9903",
          "url": "https://bugzilla.suse.com/1015531"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015533 for CVE-2016-9903",
          "url": "https://bugzilla.suse.com/1015533"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015534 for CVE-2016-9903",
          "url": "https://bugzilla.suse.com/1015534"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015535 for CVE-2016-9903",
          "url": "https://bugzilla.suse.com/1015535"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015536 for CVE-2016-9903",
          "url": "https://bugzilla.suse.com/1015536"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015537 for CVE-2016-9903",
          "url": "https://bugzilla.suse.com/1015537"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015538 for CVE-2016-9903",
          "url": "https://bugzilla.suse.com/1015538"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015540 for CVE-2016-9903",
          "url": "https://bugzilla.suse.com/1015540"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015541 for CVE-2016-9903",
          "url": "https://bugzilla.suse.com/1015541"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015542 for CVE-2016-9903",
          "url": "https://bugzilla.suse.com/1015542"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-9903"
    },
    {
      "cve": "CVE-2016-9904",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-9904"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An attacker could use a JavaScript Map/Set timing attack to determine whether an atom is used by another compartment/zone in specific contexts. This could be used to leak information, such as usernames embedded in JavaScript code, across websites. This vulnerability affects Firefox \u003c 50.1, Firefox ESR \u003c 45.6, and Thunderbird \u003c 45.6.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-9904",
          "url": "https://www.suse.com/security/cve/CVE-2016-9904"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015422 for CVE-2016-9904",
          "url": "https://bugzilla.suse.com/1015422"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015527 for CVE-2016-9904",
          "url": "https://bugzilla.suse.com/1015527"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015528 for CVE-2016-9904",
          "url": "https://bugzilla.suse.com/1015528"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015529 for CVE-2016-9904",
          "url": "https://bugzilla.suse.com/1015529"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015530 for CVE-2016-9904",
          "url": "https://bugzilla.suse.com/1015530"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015531 for CVE-2016-9904",
          "url": "https://bugzilla.suse.com/1015531"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015533 for CVE-2016-9904",
          "url": "https://bugzilla.suse.com/1015533"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015534 for CVE-2016-9904",
          "url": "https://bugzilla.suse.com/1015534"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015535 for CVE-2016-9904",
          "url": "https://bugzilla.suse.com/1015535"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015536 for CVE-2016-9904",
          "url": "https://bugzilla.suse.com/1015536"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015537 for CVE-2016-9904",
          "url": "https://bugzilla.suse.com/1015537"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015538 for CVE-2016-9904",
          "url": "https://bugzilla.suse.com/1015538"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015540 for CVE-2016-9904",
          "url": "https://bugzilla.suse.com/1015540"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015541 for CVE-2016-9904",
          "url": "https://bugzilla.suse.com/1015541"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1015542 for CVE-2016-9904",
          "url": "https://bugzilla.suse.com/1015542"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-9904"
    },
    {
      "cve": "CVE-2017-16541",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-16541"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Tor Browser before 7.0.9 on macOS and Linux allows remote attackers to bypass the intended anonymity feature and discover a client IP address via vectors involving a crafted web site that leverages file:// mishandling in Firefox, aka TorMoil. NOTE: Tails is unaffected.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-16541",
          "url": "https://www.suse.com/security/cve/CVE-2017-16541"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1066489 for CVE-2017-16541",
          "url": "https://bugzilla.suse.com/1066489"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1107343 for CVE-2017-16541",
          "url": "https://bugzilla.suse.com/1107343"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-16541"
    },
    {
      "cve": "CVE-2017-5373",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5373"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs were reported in Firefox 50.1 and Firefox ESR 45.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 45.7, Firefox ESR \u003c 45.7, and Firefox \u003c 51.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5373",
          "url": "https://www.suse.com/security/cve/CVE-2017-5373"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1021824 for CVE-2017-5373",
          "url": "https://bugzilla.suse.com/1021824"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1021991 for CVE-2017-5373",
          "url": "https://bugzilla.suse.com/1021991"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-5373"
    },
    {
      "cve": "CVE-2017-5374",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5374"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs were reported in Firefox 50.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 51.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5374",
          "url": "https://www.suse.com/security/cve/CVE-2017-5374"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1021841 for CVE-2017-5374",
          "url": "https://bugzilla.suse.com/1021841"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1021991 for CVE-2017-5374",
          "url": "https://bugzilla.suse.com/1021991"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-5374"
    },
    {
      "cve": "CVE-2017-5375",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5375"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "JIT code allocation can allow for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. This vulnerability affects Thunderbird \u003c 45.7, Firefox ESR \u003c 45.7, and Firefox \u003c 51.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5375",
          "url": "https://www.suse.com/security/cve/CVE-2017-5375"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1021814 for CVE-2017-5375",
          "url": "https://bugzilla.suse.com/1021814"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1021991 for CVE-2017-5375",
          "url": "https://bugzilla.suse.com/1021991"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-5375"
    },
    {
      "cve": "CVE-2017-5376",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5376"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free while manipulating XSL in XSLT documents. This vulnerability affects Thunderbird \u003c 45.7, Firefox ESR \u003c 45.7, and Firefox \u003c 51.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5376",
          "url": "https://www.suse.com/security/cve/CVE-2017-5376"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1021817 for CVE-2017-5376",
          "url": "https://bugzilla.suse.com/1021817"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1021991 for CVE-2017-5376",
          "url": "https://bugzilla.suse.com/1021991"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-5376"
    },
    {
      "cve": "CVE-2017-5377",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5377"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A memory corruption vulnerability in Skia that can occur when using transforms to make gradients, resulting in a potentially exploitable crash. This vulnerability affects Firefox \u003c 51.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5377",
          "url": "https://www.suse.com/security/cve/CVE-2017-5377"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1021826 for CVE-2017-5377",
          "url": "https://bugzilla.suse.com/1021826"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1021991 for CVE-2017-5377",
          "url": "https://bugzilla.suse.com/1021991"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-5377"
    },
    {
      "cve": "CVE-2017-5378",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5378"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Hashed codes of JavaScript objects are shared between pages. This allows for pointer leaks because an object\u0027s address can be discovered through hash codes, and also allows for data leakage of an object\u0027s content using these hash codes. This vulnerability affects Thunderbird \u003c 45.7, Firefox ESR \u003c 45.7, and Firefox \u003c 51.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5378",
          "url": "https://www.suse.com/security/cve/CVE-2017-5378"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1021818 for CVE-2017-5378",
          "url": "https://bugzilla.suse.com/1021818"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1021991 for CVE-2017-5378",
          "url": "https://bugzilla.suse.com/1021991"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5378"
    },
    {
      "cve": "CVE-2017-5379",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5379"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in Web Animations when interacting with cycle collection found through fuzzing. This vulnerability affects Firefox \u003c 51.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5379",
          "url": "https://www.suse.com/security/cve/CVE-2017-5379"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1021827 for CVE-2017-5379",
          "url": "https://bugzilla.suse.com/1021827"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1021991 for CVE-2017-5379",
          "url": "https://bugzilla.suse.com/1021991"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5379"
    },
    {
      "cve": "CVE-2017-5380",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5380"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A potential use-after-free found through fuzzing during DOM manipulation of SVG content. This vulnerability affects Thunderbird \u003c 45.7, Firefox ESR \u003c 45.7, and Firefox \u003c 51.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5380",
          "url": "https://www.suse.com/security/cve/CVE-2017-5380"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1021819 for CVE-2017-5380",
          "url": "https://bugzilla.suse.com/1021819"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1021991 for CVE-2017-5380",
          "url": "https://bugzilla.suse.com/1021991"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5380"
    },
    {
      "cve": "CVE-2017-5381",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5381"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The \"export\" function in the Certificate Viewer can force local filesystem navigation when the \"common name\" in a certificate contains slashes, allowing certificate content to be saved in unsafe locations with an arbitrary filename. This vulnerability affects Firefox \u003c 51.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5381",
          "url": "https://www.suse.com/security/cve/CVE-2017-5381"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1021830 for CVE-2017-5381",
          "url": "https://bugzilla.suse.com/1021830"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1021991 for CVE-2017-5381",
          "url": "https://bugzilla.suse.com/1021991"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5381"
    },
    {
      "cve": "CVE-2017-5382",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5382"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Feed preview for RSS feeds can be used to capture errors and exceptions generated by privileged content, allowing for the exposure of internal information not meant to be seen by web content. This vulnerability affects Firefox \u003c 51.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5382",
          "url": "https://www.suse.com/security/cve/CVE-2017-5382"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1021831 for CVE-2017-5382",
          "url": "https://bugzilla.suse.com/1021831"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1021991 for CVE-2017-5382",
          "url": "https://bugzilla.suse.com/1021991"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5382"
    },
    {
      "cve": "CVE-2017-5383",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5383"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "URLs containing certain unicode glyphs for alternative hyphens and quotes do not properly trigger punycode display, allowing for domain name spoofing attacks in the location bar. This vulnerability affects Thunderbird \u003c 45.7, Firefox ESR \u003c 45.7, and Firefox \u003c 51.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5383",
          "url": "https://www.suse.com/security/cve/CVE-2017-5383"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1021822 for CVE-2017-5383",
          "url": "https://bugzilla.suse.com/1021822"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1021991 for CVE-2017-5383",
          "url": "https://bugzilla.suse.com/1021991"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5383"
    },
    {
      "cve": "CVE-2017-5384",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5384"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Proxy Auto-Config (PAC) files can specify a JavaScript function called for all URL requests with the full URL path which exposes more information than would be sent to the proxy itself in the case of HTTPS. Normally the Proxy Auto-Config file is specified by the user or machine owner and presumed to be non-malicious, but if a user has enabled Web Proxy Auto Detect (WPAD) this file can be served remotely. This vulnerability affects Firefox \u003c 51.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5384",
          "url": "https://www.suse.com/security/cve/CVE-2017-5384"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1021832 for CVE-2017-5384",
          "url": "https://bugzilla.suse.com/1021832"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1021991 for CVE-2017-5384",
          "url": "https://bugzilla.suse.com/1021991"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5384"
    },
    {
      "cve": "CVE-2017-5385",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5385"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Data sent with in multipart channels, such as the multipart/x-mixed-replace MIME type, will ignore the referrer-policy response header, leading to potential information disclosure for sites using this header. This vulnerability affects Firefox \u003c 51.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5385",
          "url": "https://www.suse.com/security/cve/CVE-2017-5385"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1021833 for CVE-2017-5385",
          "url": "https://bugzilla.suse.com/1021833"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1021991 for CVE-2017-5385",
          "url": "https://bugzilla.suse.com/1021991"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5385"
    },
    {
      "cve": "CVE-2017-5386",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5386"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "WebExtension scripts can use the \"data:\" protocol to affect pages loaded by other web extensions using this protocol, leading to potential data disclosure or privilege escalation in affected extensions. This vulnerability affects Firefox ESR \u003c 45.7 and Firefox \u003c 51.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5386",
          "url": "https://www.suse.com/security/cve/CVE-2017-5386"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1021823 for CVE-2017-5386",
          "url": "https://bugzilla.suse.com/1021823"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1021991 for CVE-2017-5386",
          "url": "https://bugzilla.suse.com/1021991"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2017-5386"
    },
    {
      "cve": "CVE-2017-5387",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5387"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The existence of a specifically requested local file can be found due to the double firing of the \"onerror\" when the \"source\" attribute on a \"\u003ctrack\u003e\" tag refers to a file that does not exist if the source page is loaded locally. This vulnerability affects Firefox \u003c 51.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5387",
          "url": "https://www.suse.com/security/cve/CVE-2017-5387"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1021839 for CVE-2017-5387",
          "url": "https://bugzilla.suse.com/1021839"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1021991 for CVE-2017-5387",
          "url": "https://bugzilla.suse.com/1021991"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2017-5387"
    },
    {
      "cve": "CVE-2017-5388",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5388"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A STUN server in conjunction with a large number of \"webkitRTCPeerConnection\" objects can be used to send large STUN packets in a short period of time due to a lack of rate limiting being applied on e10s systems, allowing for a denial of service attack. This vulnerability affects Firefox \u003c 51.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5388",
          "url": "https://www.suse.com/security/cve/CVE-2017-5388"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1021840 for CVE-2017-5388",
          "url": "https://bugzilla.suse.com/1021840"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1021991 for CVE-2017-5388",
          "url": "https://bugzilla.suse.com/1021991"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5388"
    },
    {
      "cve": "CVE-2017-5389",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5389"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "WebExtensions could use the \"mozAddonManager\" API by modifying the CSP headers on sites with the appropriate permissions and then using host requests to redirect script loads to a malicious site. This allows a malicious extension to then install additional extensions without explicit user permission. This vulnerability affects Firefox \u003c 51.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5389",
          "url": "https://www.suse.com/security/cve/CVE-2017-5389"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1021828 for CVE-2017-5389",
          "url": "https://bugzilla.suse.com/1021828"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1021991 for CVE-2017-5389",
          "url": "https://bugzilla.suse.com/1021991"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5389"
    },
    {
      "cve": "CVE-2017-5390",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5390"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The JSON viewer in the Developer Tools uses insecure methods to create a communication channel for copying and viewing JSON or HTTP headers data, allowing for potential privilege escalation. This vulnerability affects Thunderbird \u003c 45.7, Firefox ESR \u003c 45.7, and Firefox \u003c 51.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5390",
          "url": "https://www.suse.com/security/cve/CVE-2017-5390"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1021820 for CVE-2017-5390",
          "url": "https://bugzilla.suse.com/1021820"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1021991 for CVE-2017-5390",
          "url": "https://bugzilla.suse.com/1021991"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5390"
    },
    {
      "cve": "CVE-2017-5391",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5391"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Special \"about:\" pages used by web content, such as RSS feeds, can load privileged \"about:\" pages in an iframe. If a content-injection bug were found in one of those pages this could allow for potential privilege escalation. This vulnerability affects Firefox \u003c 51.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5391",
          "url": "https://www.suse.com/security/cve/CVE-2017-5391"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1021835 for CVE-2017-5391",
          "url": "https://bugzilla.suse.com/1021835"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1021991 for CVE-2017-5391",
          "url": "https://bugzilla.suse.com/1021991"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-5391"
    },
    {
      "cve": "CVE-2017-5392",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5392"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Weak proxy objects have weak references on multiple threads when they should only have them on one, resulting in incorrect memory usage and corruption, which leads to potentially exploitable crashes. Note: This issue only affects Firefox for Android. Other operating systems are not affected. This vulnerability affects Firefox \u003c 51.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5392",
          "url": "https://www.suse.com/security/cve/CVE-2017-5392"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1021836 for CVE-2017-5392",
          "url": "https://bugzilla.suse.com/1021836"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-5392"
    },
    {
      "cve": "CVE-2017-5393",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5393"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The \"mozAddonManager\" allows for the installation of extensions from the CDN for addons.mozilla.org, a publicly accessible site. This could allow malicious extensions to install additional extensions from the CDN in combination with an XSS attack on Mozilla AMO sites. This vulnerability affects Firefox \u003c 51.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5393",
          "url": "https://www.suse.com/security/cve/CVE-2017-5393"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1021837 for CVE-2017-5393",
          "url": "https://bugzilla.suse.com/1021837"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1021991 for CVE-2017-5393",
          "url": "https://bugzilla.suse.com/1021991"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5393"
    },
    {
      "cve": "CVE-2017-5394",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5394"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A location bar spoofing attack where the location bar of loaded page will be shown over the content of another tab due to a series of JavaScript events combined with fullscreen mode. Note: This issue only affects Firefox for Android. Other operating systems are not affected. This vulnerability affects Firefox \u003c 51.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5394",
          "url": "https://www.suse.com/security/cve/CVE-2017-5394"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1021834 for CVE-2017-5394",
          "url": "https://bugzilla.suse.com/1021834"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5394"
    },
    {
      "cve": "CVE-2017-5395",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5395"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Malicious sites can display a spoofed location bar on a subsequently loaded page when the existing location bar on the new page is scrolled out of view if navigations between pages can be timed correctly. Note: This issue only affects Firefox for Android. Other operating systems are not affected. This vulnerability affects Firefox \u003c 51.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5395",
          "url": "https://www.suse.com/security/cve/CVE-2017-5395"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1021838 for CVE-2017-5395",
          "url": "https://bugzilla.suse.com/1021838"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5395"
    },
    {
      "cve": "CVE-2017-5396",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5396"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability in the Media Decoder when working with media files when some events are fired after the media elements are freed from memory. This vulnerability affects Thunderbird \u003c 45.7, Firefox ESR \u003c 45.7, and Firefox \u003c 51.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5396",
          "url": "https://www.suse.com/security/cve/CVE-2017-5396"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1021821 for CVE-2017-5396",
          "url": "https://bugzilla.suse.com/1021821"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1021991 for CVE-2017-5396",
          "url": "https://bugzilla.suse.com/1021991"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5396"
    },
    {
      "cve": "CVE-2017-5398",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5398"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs were reported in Thunderbird 45.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 52, Firefox ESR \u003c 45.8, Thunderbird \u003c 52, and Thunderbird \u003c 45.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5398",
          "url": "https://www.suse.com/security/cve/CVE-2017-5398"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028391 for CVE-2017-5398",
          "url": "https://bugzilla.suse.com/1028391"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028393 for CVE-2017-5398",
          "url": "https://bugzilla.suse.com/1028393"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5398"
    },
    {
      "cve": "CVE-2017-5399",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5399"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs were reported in Firefox 51. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 52 and Thunderbird \u003c 52.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5399",
          "url": "https://www.suse.com/security/cve/CVE-2017-5399"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028391 for CVE-2017-5399",
          "url": "https://bugzilla.suse.com/1028391"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028393 for CVE-2017-5399",
          "url": "https://bugzilla.suse.com/1028393"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5399"
    },
    {
      "cve": "CVE-2017-5400",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5400"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "JIT-spray targeting asm.js combined with a heap spray allows for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. This vulnerability affects Firefox \u003c 52, Firefox ESR \u003c 45.8, Thunderbird \u003c 52, and Thunderbird \u003c 45.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5400",
          "url": "https://www.suse.com/security/cve/CVE-2017-5400"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028391 for CVE-2017-5400",
          "url": "https://bugzilla.suse.com/1028391"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028393 for CVE-2017-5400",
          "url": "https://bugzilla.suse.com/1028393"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5400"
    },
    {
      "cve": "CVE-2017-5401",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5401"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A crash triggerable by web content in which an \"ErrorResult\" references unassigned memory due to a logic error. The resulting crash may be exploitable. This vulnerability affects Firefox \u003c 52, Firefox ESR \u003c 45.8, Thunderbird \u003c 52, and Thunderbird \u003c 45.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5401",
          "url": "https://www.suse.com/security/cve/CVE-2017-5401"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028391 for CVE-2017-5401",
          "url": "https://bugzilla.suse.com/1028391"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028393 for CVE-2017-5401",
          "url": "https://bugzilla.suse.com/1028393"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5401"
    },
    {
      "cve": "CVE-2017-5402",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5402"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free can occur when events are fired for a \"FontFace\" object after the object has been already been destroyed while working with fonts. This results in a potentially exploitable crash. This vulnerability affects Firefox \u003c 52, Firefox ESR \u003c 45.8, Thunderbird \u003c 52, and Thunderbird \u003c 45.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5402",
          "url": "https://www.suse.com/security/cve/CVE-2017-5402"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028391 for CVE-2017-5402",
          "url": "https://bugzilla.suse.com/1028391"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028393 for CVE-2017-5402",
          "url": "https://bugzilla.suse.com/1028393"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5402"
    },
    {
      "cve": "CVE-2017-5403",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5403"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When adding a range to an object in the DOM, it is possible to use \"addRange\" to add the range to an incorrect root object. This triggers a use-after-free, resulting in a potentially exploitable crash. This vulnerability affects Firefox \u003c 52 and Thunderbird \u003c 52.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5403",
          "url": "https://www.suse.com/security/cve/CVE-2017-5403"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028391 for CVE-2017-5403",
          "url": "https://bugzilla.suse.com/1028391"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028393 for CVE-2017-5403",
          "url": "https://bugzilla.suse.com/1028393"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5403"
    },
    {
      "cve": "CVE-2017-5404",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5404"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free error can occur when manipulating ranges in selections with one node inside a native anonymous tree and one node outside of it. This results in a potentially exploitable crash. This vulnerability affects Firefox \u003c 52, Firefox ESR \u003c 45.8, Thunderbird \u003c 52, and Thunderbird \u003c 45.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5404",
          "url": "https://www.suse.com/security/cve/CVE-2017-5404"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028391 for CVE-2017-5404",
          "url": "https://bugzilla.suse.com/1028391"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028393 for CVE-2017-5404",
          "url": "https://bugzilla.suse.com/1028393"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5404"
    },
    {
      "cve": "CVE-2017-5405",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5405"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Certain response codes in FTP connections can result in the use of uninitialized values for ports in FTP operations. This vulnerability affects Firefox \u003c 52, Firefox ESR \u003c 45.8, Thunderbird \u003c 52, and Thunderbird \u003c 45.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5405",
          "url": "https://www.suse.com/security/cve/CVE-2017-5405"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028391 for CVE-2017-5405",
          "url": "https://bugzilla.suse.com/1028391"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028393 for CVE-2017-5405",
          "url": "https://bugzilla.suse.com/1028393"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5405"
    },
    {
      "cve": "CVE-2017-5406",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5406"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A segmentation fault can occur in the Skia graphics library during some canvas operations due to issues with mask/clip intersection and empty masks. This vulnerability affects Firefox \u003c 52 and Thunderbird \u003c 52.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5406",
          "url": "https://www.suse.com/security/cve/CVE-2017-5406"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028391 for CVE-2017-5406",
          "url": "https://bugzilla.suse.com/1028391"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028393 for CVE-2017-5406",
          "url": "https://bugzilla.suse.com/1028393"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5406"
    },
    {
      "cve": "CVE-2017-5407",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5407"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Using SVG filters that don\u0027t use the fixed point math implementation on a target iframe, a malicious page can extract pixel values from a targeted user. This can be used to extract history information and read text values across domains. This violates same-origin policy and leads to information disclosure. This vulnerability affects Firefox \u003c 52, Firefox ESR \u003c 45.8, Thunderbird \u003c 52, and Thunderbird \u003c 45.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5407",
          "url": "https://www.suse.com/security/cve/CVE-2017-5407"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028391 for CVE-2017-5407",
          "url": "https://bugzilla.suse.com/1028391"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028393 for CVE-2017-5407",
          "url": "https://bugzilla.suse.com/1028393"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5407"
    },
    {
      "cve": "CVE-2017-5408",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5408"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Video files loaded video captions cross-origin without checking for the presence of CORS headers permitting such cross-origin use, leading to potential information disclosure for video captions. This vulnerability affects Firefox \u003c 52, Firefox ESR \u003c 45.8, Thunderbird \u003c 52, and Thunderbird \u003c 45.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5408",
          "url": "https://www.suse.com/security/cve/CVE-2017-5408"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028391 for CVE-2017-5408",
          "url": "https://bugzilla.suse.com/1028391"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028393 for CVE-2017-5408",
          "url": "https://bugzilla.suse.com/1028393"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5408"
    },
    {
      "cve": "CVE-2017-5410",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5410"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory corruption resulting in a potentially exploitable crash during garbage collection of JavaScript due errors in how incremental sweeping is managed for memory cleanup. This vulnerability affects Firefox \u003c 52, Firefox ESR \u003c 45.8, Thunderbird \u003c 52, and Thunderbird \u003c 45.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5410",
          "url": "https://www.suse.com/security/cve/CVE-2017-5410"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028391 for CVE-2017-5410",
          "url": "https://bugzilla.suse.com/1028391"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028393 for CVE-2017-5410",
          "url": "https://bugzilla.suse.com/1028393"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5410"
    },
    {
      "cve": "CVE-2017-5412",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5412"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A buffer overflow read during SVG filter color value operations, resulting in data exposure. This vulnerability affects Firefox \u003c 52 and Thunderbird \u003c 52.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5412",
          "url": "https://www.suse.com/security/cve/CVE-2017-5412"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028391 for CVE-2017-5412",
          "url": "https://bugzilla.suse.com/1028391"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028393 for CVE-2017-5412",
          "url": "https://bugzilla.suse.com/1028393"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5412"
    },
    {
      "cve": "CVE-2017-5413",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5413"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A segmentation fault can occur during some bidirectional layout operations. This vulnerability affects Firefox \u003c 52 and Thunderbird \u003c 52.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5413",
          "url": "https://www.suse.com/security/cve/CVE-2017-5413"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028391 for CVE-2017-5413",
          "url": "https://bugzilla.suse.com/1028391"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028393 for CVE-2017-5413",
          "url": "https://bugzilla.suse.com/1028393"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5413"
    },
    {
      "cve": "CVE-2017-5414",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5414"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The file picker dialog can choose and display the wrong local default directory when instantiated. On some operating systems, this can lead to information disclosure, such as the operating system or the local account name. This vulnerability affects Firefox \u003c 52 and Thunderbird \u003c 52.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5414",
          "url": "https://www.suse.com/security/cve/CVE-2017-5414"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028391 for CVE-2017-5414",
          "url": "https://bugzilla.suse.com/1028391"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028393 for CVE-2017-5414",
          "url": "https://bugzilla.suse.com/1028393"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5414"
    },
    {
      "cve": "CVE-2017-5415",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5415"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An attack can use a blob URL and script to spoof an arbitrary addressbar URL prefaced by \"blob:\" as the protocol, leading to user confusion and further spoofing attacks. This vulnerability affects Firefox \u003c 52.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5415",
          "url": "https://www.suse.com/security/cve/CVE-2017-5415"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028391 for CVE-2017-5415",
          "url": "https://bugzilla.suse.com/1028391"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028393 for CVE-2017-5415",
          "url": "https://bugzilla.suse.com/1028393"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5415"
    },
    {
      "cve": "CVE-2017-5416",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5416"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In certain circumstances a networking event listener can be prematurely released. This appears to result in a null dereference in practice. This vulnerability affects Firefox \u003c 52 and Thunderbird \u003c 52.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5416",
          "url": "https://www.suse.com/security/cve/CVE-2017-5416"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028391 for CVE-2017-5416",
          "url": "https://bugzilla.suse.com/1028391"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028393 for CVE-2017-5416",
          "url": "https://bugzilla.suse.com/1028393"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5416"
    },
    {
      "cve": "CVE-2017-5417",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5417"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When dragging content from the primary browser pane to the addressbar on a malicious site, it is possible to change the addressbar so that the displayed location following navigation does not match the URL of the newly loaded page. This allows for spoofing attacks. This vulnerability affects Firefox \u003c 52.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5417",
          "url": "https://www.suse.com/security/cve/CVE-2017-5417"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028391 for CVE-2017-5417",
          "url": "https://bugzilla.suse.com/1028391"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028393 for CVE-2017-5417",
          "url": "https://bugzilla.suse.com/1028393"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5417"
    },
    {
      "cve": "CVE-2017-5418",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5418"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An out of bounds read error occurs when parsing some HTTP digest authorization responses, resulting in information leakage through the reading of random memory containing matches to specifically set patterns. This vulnerability affects Firefox \u003c 52 and Thunderbird \u003c 52.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5418",
          "url": "https://www.suse.com/security/cve/CVE-2017-5418"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028391 for CVE-2017-5418",
          "url": "https://bugzilla.suse.com/1028391"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028393 for CVE-2017-5418",
          "url": "https://bugzilla.suse.com/1028393"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5418"
    },
    {
      "cve": "CVE-2017-5419",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5419"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If a malicious site repeatedly triggers a modal authentication prompt, eventually the browser UI will become non-responsive, requiring shutdown through the operating system. This is a denial of service (DOS) attack. This vulnerability affects Firefox \u003c 52 and Thunderbird \u003c 52.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5419",
          "url": "https://www.suse.com/security/cve/CVE-2017-5419"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028391 for CVE-2017-5419",
          "url": "https://bugzilla.suse.com/1028391"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028393 for CVE-2017-5419",
          "url": "https://bugzilla.suse.com/1028393"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5419"
    },
    {
      "cve": "CVE-2017-5420",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5420"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A \"javascript:\" url loaded by a malicious page can obfuscate its location by blanking the URL displayed in the addressbar, allowing for an attacker to spoof an existing page without the malicious page\u0027s address being displayed correctly. This vulnerability affects Firefox \u003c 52.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5420",
          "url": "https://www.suse.com/security/cve/CVE-2017-5420"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028391 for CVE-2017-5420",
          "url": "https://bugzilla.suse.com/1028391"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028393 for CVE-2017-5420",
          "url": "https://bugzilla.suse.com/1028393"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5420"
    },
    {
      "cve": "CVE-2017-5421",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5421"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A malicious site could spoof the contents of the print preview window if popup windows are enabled, resulting in user confusion of what site is currently loaded. This vulnerability affects Firefox \u003c 52 and Thunderbird \u003c 52.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5421",
          "url": "https://www.suse.com/security/cve/CVE-2017-5421"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028391 for CVE-2017-5421",
          "url": "https://bugzilla.suse.com/1028391"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028393 for CVE-2017-5421",
          "url": "https://bugzilla.suse.com/1028393"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5421"
    },
    {
      "cve": "CVE-2017-5422",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5422"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If a malicious site uses the \"view-source:\" protocol in a series within a single hyperlink, it can trigger a non-exploitable browser crash when the hyperlink is selected. This was fixed by no longer making \"view-source:\" linkable. This vulnerability affects Firefox \u003c 52 and Thunderbird \u003c 52.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5422",
          "url": "https://www.suse.com/security/cve/CVE-2017-5422"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028391 for CVE-2017-5422",
          "url": "https://bugzilla.suse.com/1028391"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028393 for CVE-2017-5422",
          "url": "https://bugzilla.suse.com/1028393"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5422"
    },
    {
      "cve": "CVE-2017-5426",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5426"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "On Linux, if the secure computing mode BPF (seccomp-bpf) filter is running when the Gecko Media Plugin sandbox is started, the sandbox fails to be applied and items that would run within the sandbox are run protected only by the running filter which is typically weak compared to the sandbox. Note: this issue only affects Linux. Other operating systems are not affected. This vulnerability affects Firefox \u003c 52 and Thunderbird \u003c 52.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5426",
          "url": "https://www.suse.com/security/cve/CVE-2017-5426"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028391 for CVE-2017-5426",
          "url": "https://bugzilla.suse.com/1028391"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028393 for CVE-2017-5426",
          "url": "https://bugzilla.suse.com/1028393"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5426"
    },
    {
      "cve": "CVE-2017-5427",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5427"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A non-existent chrome.manifest file will attempt to be loaded during startup from the primary installation directory. If a malicious user with local access puts chrome.manifest and other referenced files in this directory, they will be loaded and activated during startup. This could result in malicious software being added without consent or modification of referenced installed files. This vulnerability affects Firefox \u003c 52.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5427",
          "url": "https://www.suse.com/security/cve/CVE-2017-5427"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028391 for CVE-2017-5427",
          "url": "https://bugzilla.suse.com/1028391"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028393 for CVE-2017-5427",
          "url": "https://bugzilla.suse.com/1028393"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5427"
    },
    {
      "cve": "CVE-2017-5428",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5428"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An integer overflow in \"createImageBitmap()\" was reported through the Pwn2Own contest. The fix for this vulnerability disables the experimental extensions to the \"createImageBitmap\" API. This function runs in the content sandbox, requiring a second vulnerability to compromise a user\u0027s computer. This vulnerability affects Firefox ESR \u003c 52.0.1 and Firefox \u003c 52.0.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5428",
          "url": "https://www.suse.com/security/cve/CVE-2017-5428"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1029822 for CVE-2017-5428",
          "url": "https://bugzilla.suse.com/1029822"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-5428"
    },
    {
      "cve": "CVE-2017-5429",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5429"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs were reported in Firefox 52, Firefox ESR 45.8, Firefox ESR 52, and Thunderbird 52. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 52.1, Firefox ESR \u003c 45.9, Firefox ESR \u003c 52.1, and Firefox \u003c 53.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5429",
          "url": "https://www.suse.com/security/cve/CVE-2017-5429"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035082 for CVE-2017-5429",
          "url": "https://bugzilla.suse.com/1035082"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035209 for CVE-2017-5429",
          "url": "https://bugzilla.suse.com/1035209"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5429"
    },
    {
      "cve": "CVE-2017-5430",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5430"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs were reported in Firefox 52, Firefox ESR 52, and Thunderbird 52. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 52.1, Firefox ESR \u003c 52.1, and Firefox \u003c 53.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5430",
          "url": "https://www.suse.com/security/cve/CVE-2017-5430"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035082 for CVE-2017-5430",
          "url": "https://bugzilla.suse.com/1035082"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035209 for CVE-2017-5430",
          "url": "https://bugzilla.suse.com/1035209"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5430"
    },
    {
      "cve": "CVE-2017-5432",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5432"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability occurs during certain text input selection resulting in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.1, Firefox ESR \u003c 45.9, Firefox ESR \u003c 52.1, and Firefox \u003c 53.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5432",
          "url": "https://www.suse.com/security/cve/CVE-2017-5432"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035082 for CVE-2017-5432",
          "url": "https://bugzilla.suse.com/1035082"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035209 for CVE-2017-5432",
          "url": "https://bugzilla.suse.com/1035209"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5432"
    },
    {
      "cve": "CVE-2017-5433",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5433"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability in SMIL animation functions occurs when pointers to animation elements in an array are dropped from the animation controller while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.1, Firefox ESR \u003c 45.9, Firefox ESR \u003c 52.1, and Firefox \u003c 53.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5433",
          "url": "https://www.suse.com/security/cve/CVE-2017-5433"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035082 for CVE-2017-5433",
          "url": "https://bugzilla.suse.com/1035082"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035209 for CVE-2017-5433",
          "url": "https://bugzilla.suse.com/1035209"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5433"
    },
    {
      "cve": "CVE-2017-5434",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5434"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability occurs when redirecting focus handling which results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.1, Firefox ESR \u003c 45.9, Firefox ESR \u003c 52.1, and Firefox \u003c 53.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5434",
          "url": "https://www.suse.com/security/cve/CVE-2017-5434"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035082 for CVE-2017-5434",
          "url": "https://bugzilla.suse.com/1035082"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035209 for CVE-2017-5434",
          "url": "https://bugzilla.suse.com/1035209"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5434"
    },
    {
      "cve": "CVE-2017-5435",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5435"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability occurs during transaction processing in the editor during design mode interactions. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.1, Firefox ESR \u003c 45.9, Firefox ESR \u003c 52.1, and Firefox \u003c 53.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5435",
          "url": "https://www.suse.com/security/cve/CVE-2017-5435"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035082 for CVE-2017-5435",
          "url": "https://bugzilla.suse.com/1035082"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035209 for CVE-2017-5435",
          "url": "https://bugzilla.suse.com/1035209"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5435"
    },
    {
      "cve": "CVE-2017-5436",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5436"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An out-of-bounds write in the Graphite 2 library triggered with a maliciously crafted Graphite font. This results in a potentially exploitable crash. This issue was fixed in the Graphite 2 library as well as Mozilla products. This vulnerability affects Thunderbird \u003c 52.1, Firefox ESR \u003c 45.9, Firefox ESR \u003c 52.1, and Firefox \u003c 53.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5436",
          "url": "https://www.suse.com/security/cve/CVE-2017-5436"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035082 for CVE-2017-5436",
          "url": "https://bugzilla.suse.com/1035082"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035204 for CVE-2017-5436",
          "url": "https://bugzilla.suse.com/1035204"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5436"
    },
    {
      "cve": "CVE-2017-5437",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5437"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: CVE-2016-10195, CVE-2016-10196, CVE-2016-10197.  Reason: This candidate is a duplicate of CVE-2016-10195, CVE-2016-10196, and CVE-2016-10197.  Notes: All CVE users should reference CVE-2016-10195, CVE-2016-10196, and/or CVE-2016-10197 instead of this candidate.  All references and descriptions in this candidate have been removed to prevent accidental usage.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5437",
          "url": "https://www.suse.com/security/cve/CVE-2017-5437"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035082 for CVE-2017-5437",
          "url": "https://bugzilla.suse.com/1035082"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035209 for CVE-2017-5437",
          "url": "https://bugzilla.suse.com/1035209"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-5437"
    },
    {
      "cve": "CVE-2017-5438",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5438"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability during XSLT processing due to the result handler being held by a freed handler during handling. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.1, Firefox ESR \u003c 45.9, Firefox ESR \u003c 52.1, and Firefox \u003c 53.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5438",
          "url": "https://www.suse.com/security/cve/CVE-2017-5438"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035082 for CVE-2017-5438",
          "url": "https://bugzilla.suse.com/1035082"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035209 for CVE-2017-5438",
          "url": "https://bugzilla.suse.com/1035209"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5438"
    },
    {
      "cve": "CVE-2017-5439",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5439"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability during XSLT processing due to poor handling of template parameters. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.1, Firefox ESR \u003c 45.9, Firefox ESR \u003c 52.1, and Firefox \u003c 53.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5439",
          "url": "https://www.suse.com/security/cve/CVE-2017-5439"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035082 for CVE-2017-5439",
          "url": "https://bugzilla.suse.com/1035082"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035209 for CVE-2017-5439",
          "url": "https://bugzilla.suse.com/1035209"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5439"
    },
    {
      "cve": "CVE-2017-5440",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5440"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability during XSLT processing due to a failure to propagate error conditions during matching while evaluating context, leading to objects being used when they no longer exist. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.1, Firefox ESR \u003c 45.9, Firefox ESR \u003c 52.1, and Firefox \u003c 53.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5440",
          "url": "https://www.suse.com/security/cve/CVE-2017-5440"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035082 for CVE-2017-5440",
          "url": "https://bugzilla.suse.com/1035082"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035209 for CVE-2017-5440",
          "url": "https://bugzilla.suse.com/1035209"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5440"
    },
    {
      "cve": "CVE-2017-5441",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5441"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability when holding a selection during scroll events. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.1, Firefox ESR \u003c 45.9, Firefox ESR \u003c 52.1, and Firefox \u003c 53.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5441",
          "url": "https://www.suse.com/security/cve/CVE-2017-5441"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035082 for CVE-2017-5441",
          "url": "https://bugzilla.suse.com/1035082"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035209 for CVE-2017-5441",
          "url": "https://bugzilla.suse.com/1035209"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5441"
    },
    {
      "cve": "CVE-2017-5442",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5442"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability during changes in style when manipulating DOM elements. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.1, Firefox ESR \u003c 45.9, Firefox ESR \u003c 52.1, and Firefox \u003c 53.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5442",
          "url": "https://www.suse.com/security/cve/CVE-2017-5442"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035082 for CVE-2017-5442",
          "url": "https://bugzilla.suse.com/1035082"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035209 for CVE-2017-5442",
          "url": "https://bugzilla.suse.com/1035209"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5442"
    },
    {
      "cve": "CVE-2017-5443",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5443"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An out-of-bounds write vulnerability while decoding improperly formed BinHex format archives. This vulnerability affects Thunderbird \u003c 52.1, Firefox ESR \u003c 45.9, Firefox ESR \u003c 52.1, and Firefox \u003c 53.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5443",
          "url": "https://www.suse.com/security/cve/CVE-2017-5443"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035082 for CVE-2017-5443",
          "url": "https://bugzilla.suse.com/1035082"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035209 for CVE-2017-5443",
          "url": "https://bugzilla.suse.com/1035209"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5443"
    },
    {
      "cve": "CVE-2017-5444",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5444"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A buffer overflow vulnerability while parsing \"application/http-index-format\" format content when the header contains improperly formatted data. This allows for an out-of-bounds read of data from memory. This vulnerability affects Thunderbird \u003c 52.1, Firefox ESR \u003c 45.9, Firefox ESR \u003c 52.1, and Firefox \u003c 53.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5444",
          "url": "https://www.suse.com/security/cve/CVE-2017-5444"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035082 for CVE-2017-5444",
          "url": "https://bugzilla.suse.com/1035082"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035209 for CVE-2017-5444",
          "url": "https://bugzilla.suse.com/1035209"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5444"
    },
    {
      "cve": "CVE-2017-5445",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5445"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability while parsing \"application/http-index-format\" format content where uninitialized values are used to create an array. This could allow the reading of uninitialized memory into the arrays affected. This vulnerability affects Thunderbird \u003c 52.1, Firefox ESR \u003c 45.9, Firefox ESR \u003c 52.1, and Firefox \u003c 53.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5445",
          "url": "https://www.suse.com/security/cve/CVE-2017-5445"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035082 for CVE-2017-5445",
          "url": "https://bugzilla.suse.com/1035082"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035209 for CVE-2017-5445",
          "url": "https://bugzilla.suse.com/1035209"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5445"
    },
    {
      "cve": "CVE-2017-5446",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5446"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An out-of-bounds read when an HTTP/2 connection to a servers sends \"DATA\" frames with incorrect data content. This leads to a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.1, Firefox ESR \u003c 45.9, Firefox ESR \u003c 52.1, and Firefox \u003c 53.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5446",
          "url": "https://www.suse.com/security/cve/CVE-2017-5446"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035082 for CVE-2017-5446",
          "url": "https://bugzilla.suse.com/1035082"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035209 for CVE-2017-5446",
          "url": "https://bugzilla.suse.com/1035209"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5446"
    },
    {
      "cve": "CVE-2017-5447",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5447"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An out-of-bounds read during the processing of glyph widths during text layout. This results in a potentially exploitable crash and could allow an attacker to read otherwise inaccessible memory. This vulnerability affects Thunderbird \u003c 52.1, Firefox ESR \u003c 45.9, Firefox ESR \u003c 52.1, and Firefox \u003c 53.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5447",
          "url": "https://www.suse.com/security/cve/CVE-2017-5447"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035082 for CVE-2017-5447",
          "url": "https://bugzilla.suse.com/1035082"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035209 for CVE-2017-5447",
          "url": "https://bugzilla.suse.com/1035209"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5447"
    },
    {
      "cve": "CVE-2017-5448",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5448"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An out-of-bounds write in \"ClearKeyDecryptor\" while decrypting some Clearkey-encrypted media content. The \"ClearKeyDecryptor\" code runs within the Gecko Media Plugin (GMP) sandbox. If a second mechanism is found to escape the sandbox, this vulnerability allows for the writing of arbitrary data within memory, resulting in a potentially exploitable crash. This vulnerability affects Firefox ESR \u003c 45.9, Firefox ESR \u003c 52.1, and Firefox \u003c 53.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5448",
          "url": "https://www.suse.com/security/cve/CVE-2017-5448"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035082 for CVE-2017-5448",
          "url": "https://bugzilla.suse.com/1035082"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035209 for CVE-2017-5448",
          "url": "https://bugzilla.suse.com/1035209"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5448"
    },
    {
      "cve": "CVE-2017-5449",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5449"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A possibly exploitable crash triggered during layout and manipulation of bidirectional unicode text in concert with CSS animations. This vulnerability affects Thunderbird \u003c 52.1, Firefox ESR \u003c 52.1, and Firefox \u003c 53.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5449",
          "url": "https://www.suse.com/security/cve/CVE-2017-5449"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035082 for CVE-2017-5449",
          "url": "https://bugzilla.suse.com/1035082"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035209 for CVE-2017-5449",
          "url": "https://bugzilla.suse.com/1035209"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5449"
    },
    {
      "cve": "CVE-2017-5451",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5451"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A mechanism to spoof the addressbar through the user interaction on the addressbar and the \"onblur\" event. The event could be used by script to affect text display to make the loaded site appear to be different from the one actually loaded within the addressbar. This vulnerability affects Thunderbird \u003c 52.1, Firefox ESR \u003c 52.1, and Firefox \u003c 53.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5451",
          "url": "https://www.suse.com/security/cve/CVE-2017-5451"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035082 for CVE-2017-5451",
          "url": "https://bugzilla.suse.com/1035082"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035209 for CVE-2017-5451",
          "url": "https://bugzilla.suse.com/1035209"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5451"
    },
    {
      "cve": "CVE-2017-5453",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5453"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A mechanism to inject static HTML into the RSS reader preview page due to a failure to escape characters sent as URL parameters for a feed\u0027s \"TITLE\" element. This vulnerability allows for spoofing but no scripted content can be run. This vulnerability affects Firefox \u003c 53.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5453",
          "url": "https://www.suse.com/security/cve/CVE-2017-5453"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035082 for CVE-2017-5453",
          "url": "https://bugzilla.suse.com/1035082"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035209 for CVE-2017-5453",
          "url": "https://bugzilla.suse.com/1035209"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-5453"
    },
    {
      "cve": "CVE-2017-5454",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5454"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A mechanism to bypass file system access protections in the sandbox to use the file picker to access different files than those selected in the file picker through the use of relative paths. This allows for read only access to the local file system. This vulnerability affects Thunderbird \u003c 52.1, Firefox ESR \u003c 52.1, and Firefox \u003c 53.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5454",
          "url": "https://www.suse.com/security/cve/CVE-2017-5454"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035082 for CVE-2017-5454",
          "url": "https://bugzilla.suse.com/1035082"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035209 for CVE-2017-5454",
          "url": "https://bugzilla.suse.com/1035209"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2017-5454"
    },
    {
      "cve": "CVE-2017-5455",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5455"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The internal feed reader APIs that crossed the sandbox barrier allowed for a sandbox escape and escalation of privilege if combined with another vulnerability that resulted in remote code execution inside the sandboxed process. This vulnerability affects Firefox ESR \u003c 52.1 and Firefox \u003c 53.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5455",
          "url": "https://www.suse.com/security/cve/CVE-2017-5455"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035082 for CVE-2017-5455",
          "url": "https://bugzilla.suse.com/1035082"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035209 for CVE-2017-5455",
          "url": "https://bugzilla.suse.com/1035209"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5455"
    },
    {
      "cve": "CVE-2017-5456",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5456"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A mechanism to bypass file system access protections in the sandbox using the file system request constructor through an IPC message. This allows for read and write access to the local file system. This vulnerability affects Firefox ESR \u003c 52.1 and Firefox \u003c 53.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5456",
          "url": "https://www.suse.com/security/cve/CVE-2017-5456"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035082 for CVE-2017-5456",
          "url": "https://bugzilla.suse.com/1035082"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035209 for CVE-2017-5456",
          "url": "https://bugzilla.suse.com/1035209"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5456"
    },
    {
      "cve": "CVE-2017-5458",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5458"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When a \"javascript:\" URL is drag and dropped by a user into the addressbar, the URL will be processed and executed. This allows for users to be socially engineered to execute an XSS attack on themselves. This vulnerability affects Firefox \u003c 53.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5458",
          "url": "https://www.suse.com/security/cve/CVE-2017-5458"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035082 for CVE-2017-5458",
          "url": "https://bugzilla.suse.com/1035082"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035209 for CVE-2017-5458",
          "url": "https://bugzilla.suse.com/1035209"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-5458"
    },
    {
      "cve": "CVE-2017-5459",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5459"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A buffer overflow in WebGL triggerable by web content, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.1, Firefox ESR \u003c 45.9, Firefox ESR \u003c 52.1, and Firefox \u003c 53.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5459",
          "url": "https://www.suse.com/security/cve/CVE-2017-5459"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035082 for CVE-2017-5459",
          "url": "https://bugzilla.suse.com/1035082"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035209 for CVE-2017-5459",
          "url": "https://bugzilla.suse.com/1035209"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5459"
    },
    {
      "cve": "CVE-2017-5460",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5460"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability in frame selection triggered by a combination of malicious script content and key presses by a user. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.1, Firefox ESR \u003c 45.9, Firefox ESR \u003c 52.1, and Firefox \u003c 53.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5460",
          "url": "https://www.suse.com/security/cve/CVE-2017-5460"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035082 for CVE-2017-5460",
          "url": "https://bugzilla.suse.com/1035082"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035209 for CVE-2017-5460",
          "url": "https://bugzilla.suse.com/1035209"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5460"
    },
    {
      "cve": "CVE-2017-5461",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5461"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Network Security Services (NSS) before 3.21.4, 3.22.x through 3.28.x before 3.28.4, 3.29.x before 3.29.5, and 3.30.x before 3.30.1 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact by leveraging incorrect base64 operations.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5461",
          "url": "https://www.suse.com/security/cve/CVE-2017-5461"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035082 for CVE-2017-5461",
          "url": "https://bugzilla.suse.com/1035082"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035209 for CVE-2017-5461",
          "url": "https://bugzilla.suse.com/1035209"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-5461"
    },
    {
      "cve": "CVE-2017-5462",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5462"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw in DRBG number generation within the Network Security Services (NSS) library where the internal state V does not correctly carry bits over. The NSS library has been updated to fix this issue to address this issue and Firefox ESR 52.1 has been updated with NSS version 3.28.4. This vulnerability affects Thunderbird \u003c 52.1, Firefox ESR \u003c 45.9, Firefox ESR \u003c 52.1, and Firefox \u003c 53.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5462",
          "url": "https://www.suse.com/security/cve/CVE-2017-5462"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035082 for CVE-2017-5462",
          "url": "https://bugzilla.suse.com/1035082"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035209 for CVE-2017-5462",
          "url": "https://bugzilla.suse.com/1035209"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5462"
    },
    {
      "cve": "CVE-2017-5464",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5464"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "During DOM manipulations of the accessibility tree through script, the DOM tree can become out of sync with the accessibility tree, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.1, Firefox ESR \u003c 45.9, Firefox ESR \u003c 52.1, and Firefox \u003c 53.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5464",
          "url": "https://www.suse.com/security/cve/CVE-2017-5464"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035082 for CVE-2017-5464",
          "url": "https://bugzilla.suse.com/1035082"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035209 for CVE-2017-5464",
          "url": "https://bugzilla.suse.com/1035209"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5464"
    },
    {
      "cve": "CVE-2017-5465",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5465"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An out-of-bounds read while processing SVG content in \"ConvolvePixel\". This results in a crash and also allows for otherwise inaccessible memory being copied into SVG graphic content, which could then displayed. This vulnerability affects Thunderbird \u003c 52.1, Firefox ESR \u003c 45.9, Firefox ESR \u003c 52.1, and Firefox \u003c 53.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5465",
          "url": "https://www.suse.com/security/cve/CVE-2017-5465"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035082 for CVE-2017-5465",
          "url": "https://bugzilla.suse.com/1035082"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035209 for CVE-2017-5465",
          "url": "https://bugzilla.suse.com/1035209"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5465"
    },
    {
      "cve": "CVE-2017-5466",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5466"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If a page is loaded from an original site through a hyperlink and contains a redirect to a \"data:text/html\" URL, triggering a reload will run the reloaded \"data:text/html\" page with its origin set incorrectly. This allows for a cross-site scripting (XSS) attack. This vulnerability affects Thunderbird \u003c 52.1, Firefox ESR \u003c 52.1, and Firefox \u003c 53.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5466",
          "url": "https://www.suse.com/security/cve/CVE-2017-5466"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035082 for CVE-2017-5466",
          "url": "https://bugzilla.suse.com/1035082"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035209 for CVE-2017-5466",
          "url": "https://bugzilla.suse.com/1035209"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5466"
    },
    {
      "cve": "CVE-2017-5467",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5467"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A potential memory corruption and crash when using Skia content when drawing content outside of the bounds of a clipping region. This vulnerability affects Thunderbird \u003c 52.1, Firefox ESR \u003c 52.1, and Firefox \u003c 53.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5467",
          "url": "https://www.suse.com/security/cve/CVE-2017-5467"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035082 for CVE-2017-5467",
          "url": "https://bugzilla.suse.com/1035082"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035209 for CVE-2017-5467",
          "url": "https://bugzilla.suse.com/1035209"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5467"
    },
    {
      "cve": "CVE-2017-5468",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5468"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue with incorrect ownership model of \"privateBrowsing\" information exposed through developer tools. This can result in a non-exploitable crash when manually triggered during debugging. This vulnerability affects Firefox \u003c 53.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5468",
          "url": "https://www.suse.com/security/cve/CVE-2017-5468"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035082 for CVE-2017-5468",
          "url": "https://bugzilla.suse.com/1035082"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035209 for CVE-2017-5468",
          "url": "https://bugzilla.suse.com/1035209"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-5468"
    },
    {
      "cve": "CVE-2017-5469",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5469"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Fixed potential buffer overflows in generated Firefox code due to CVE-2016-6354 issue in Flex. This vulnerability affects Thunderbird \u003c 52.1, Firefox ESR \u003c 45.9, Firefox ESR \u003c 52.1, and Firefox \u003c 53.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5469",
          "url": "https://www.suse.com/security/cve/CVE-2017-5469"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035082 for CVE-2017-5469",
          "url": "https://bugzilla.suse.com/1035082"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035209 for CVE-2017-5469",
          "url": "https://bugzilla.suse.com/1035209"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5469"
    },
    {
      "cve": "CVE-2017-7753",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7753"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An out-of-bounds read occurs when applying style rules to pseudo-elements, such as ::first-line, using cached style data. This vulnerability affects Thunderbird \u003c 52.3, Firefox ESR \u003c 52.3, and Firefox \u003c 55.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7753",
          "url": "https://www.suse.com/security/cve/CVE-2017-7753"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1052829 for CVE-2017-7753",
          "url": "https://bugzilla.suse.com/1052829"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7753"
    },
    {
      "cve": "CVE-2017-7779",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7779"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs were reported in Firefox 54, Firefox ESR 52.2, and Thunderbird 52.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 52.3, Firefox ESR \u003c 52.3, and Firefox \u003c 55.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7779",
          "url": "https://www.suse.com/security/cve/CVE-2017-7779"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1052829 for CVE-2017-7779",
          "url": "https://bugzilla.suse.com/1052829"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7779"
    },
    {
      "cve": "CVE-2017-7780",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7780"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs were reported in Firefox 54. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 55.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7780",
          "url": "https://www.suse.com/security/cve/CVE-2017-7780"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1052829 for CVE-2017-7780",
          "url": "https://bugzilla.suse.com/1052829"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7780"
    },
    {
      "cve": "CVE-2017-7781",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7781"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An error occurs in the elliptic curve point addition algorithm that uses mixed Jacobian-affine coordinates where it can yield a result \"POINT_AT_INFINITY\" when it should not. A man-in-the-middle attacker could use this to interfere with a connection, resulting in an attacked party computing an incorrect shared secret. This vulnerability affects Firefox \u003c 55.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7781",
          "url": "https://www.suse.com/security/cve/CVE-2017-7781"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1052829 for CVE-2017-7781",
          "url": "https://bugzilla.suse.com/1052829"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7781"
    },
    {
      "cve": "CVE-2017-7782",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7782"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An error in the \"WindowsDllDetourPatcher\" where a RWX (\"Read/Write/Execute\") 4k block is allocated but never protected, violating DEP protections. Note: This attack only affects Windows operating systems. Other operating systems are not affected. This vulnerability affects Thunderbird \u003c 52.3, Firefox ESR \u003c 52.3, and Firefox \u003c 55.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7782",
          "url": "https://www.suse.com/security/cve/CVE-2017-7782"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1052829 for CVE-2017-7782",
          "url": "https://bugzilla.suse.com/1052829"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-7782"
    },
    {
      "cve": "CVE-2017-7783",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7783"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If a long user name is used in a username/password combination in a site URL (such as \" http://UserName:Password@example.com\"), the resulting modal prompt will hang in a non-responsive state or crash, causing a denial of service. This vulnerability affects Firefox \u003c 55.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7783",
          "url": "https://www.suse.com/security/cve/CVE-2017-7783"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1052829 for CVE-2017-7783",
          "url": "https://bugzilla.suse.com/1052829"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7783"
    },
    {
      "cve": "CVE-2017-7784",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7784"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability can occur when reading an image observer during frame reconstruction after the observer has been freed. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.3, Firefox ESR \u003c 52.3, and Firefox \u003c 55.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7784",
          "url": "https://www.suse.com/security/cve/CVE-2017-7784"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1052829 for CVE-2017-7784",
          "url": "https://bugzilla.suse.com/1052829"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7784"
    },
    {
      "cve": "CVE-2017-7785",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7785"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A buffer overflow can occur when manipulating Accessible Rich Internet Applications (ARIA) attributes within the DOM. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.3, Firefox ESR \u003c 52.3, and Firefox \u003c 55.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7785",
          "url": "https://www.suse.com/security/cve/CVE-2017-7785"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1052829 for CVE-2017-7785",
          "url": "https://bugzilla.suse.com/1052829"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7785"
    },
    {
      "cve": "CVE-2017-7786",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7786"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A buffer overflow can occur when the image renderer attempts to paint non-displayable SVG elements. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.3, Firefox ESR \u003c 52.3, and Firefox \u003c 55.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7786",
          "url": "https://www.suse.com/security/cve/CVE-2017-7786"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1052829 for CVE-2017-7786",
          "url": "https://bugzilla.suse.com/1052829"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7786"
    },
    {
      "cve": "CVE-2017-7787",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7787"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Same-origin policy protections can be bypassed on pages with embedded iframes during page reloads, allowing the iframes to access content on the top level page, leading to information disclosure. This vulnerability affects Thunderbird \u003c 52.3, Firefox ESR \u003c 52.3, and Firefox \u003c 55.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7787",
          "url": "https://www.suse.com/security/cve/CVE-2017-7787"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1052829 for CVE-2017-7787",
          "url": "https://bugzilla.suse.com/1052829"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7787"
    },
    {
      "cve": "CVE-2017-7788",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7788"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When an \"iframe\" has a \"sandbox\" attribute and its content is specified using \"srcdoc\", that content does not inherit the containing page\u0027s Content Security Policy (CSP) as it should unless the sandbox attribute included \"allow-same-origin\". This vulnerability affects Firefox \u003c 55.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7788",
          "url": "https://www.suse.com/security/cve/CVE-2017-7788"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1052829 for CVE-2017-7788",
          "url": "https://bugzilla.suse.com/1052829"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7788"
    },
    {
      "cve": "CVE-2017-7789",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7789"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If a server sends two Strict-Transport-Security (STS) headers for a single connection, they will be rejected as invalid and HTTP Strict Transport Security (HSTS) will not be enabled for the connection. This vulnerability affects Firefox \u003c 55.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7789",
          "url": "https://www.suse.com/security/cve/CVE-2017-7789"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1047281 for CVE-2017-7789",
          "url": "https://bugzilla.suse.com/1047281"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1052829 for CVE-2017-7789",
          "url": "https://bugzilla.suse.com/1052829"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-7789"
    },
    {
      "cve": "CVE-2017-7790",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7790"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "On Windows systems, if non-null-terminated strings are copied into the crash reporter for some specific registry keys, stack memory data can be copied until a null is found. This can potentially contain private data from the local system. Note: This attack only affects Windows operating systems. Other operating systems are not affected. This vulnerability affects Firefox \u003c 55.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7790",
          "url": "https://www.suse.com/security/cve/CVE-2017-7790"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1052829 for CVE-2017-7790",
          "url": "https://bugzilla.suse.com/1052829"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-7790"
    },
    {
      "cve": "CVE-2017-7791",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7791"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "On pages containing an iframe, the \"data:\" protocol can be used to create a modal alert that will render over arbitrary domains following page navigation, spoofing of the origin of the modal alert from the iframe content. This vulnerability affects Thunderbird \u003c 52.3, Firefox ESR \u003c 52.3, and Firefox \u003c 55.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7791",
          "url": "https://www.suse.com/security/cve/CVE-2017-7791"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1052829 for CVE-2017-7791",
          "url": "https://bugzilla.suse.com/1052829"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7791"
    },
    {
      "cve": "CVE-2017-7792",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7792"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A buffer overflow will occur when viewing a certificate in the certificate manager if the certificate has an extremely long object identifier (OID). This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.3, Firefox ESR \u003c 52.3, and Firefox \u003c 55.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7792",
          "url": "https://www.suse.com/security/cve/CVE-2017-7792"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1052829 for CVE-2017-7792",
          "url": "https://bugzilla.suse.com/1052829"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7792"
    },
    {
      "cve": "CVE-2017-7793",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7793"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability can occur in the Fetch API when the worker or the associated window are freed when still in use, resulting in a potentially exploitable crash. This vulnerability affects Firefox \u003c 56, Firefox ESR \u003c 52.4, and Thunderbird \u003c 52.4.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7793",
          "url": "https://www.suse.com/security/cve/CVE-2017-7793"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1060445 for CVE-2017-7793",
          "url": "https://bugzilla.suse.com/1060445"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7793"
    },
    {
      "cve": "CVE-2017-7794",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7794"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "On Linux systems, if the content process is compromised, the sandbox broker will allow files to be truncated even though the sandbox explicitly only has read access to the local file system and no write permissions. Note: This attack only affects the Linux operating system. Other operating systems are not affected. This vulnerability affects Firefox \u003c 55.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7794",
          "url": "https://www.suse.com/security/cve/CVE-2017-7794"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1052829 for CVE-2017-7794",
          "url": "https://bugzilla.suse.com/1052829"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:L",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7794"
    },
    {
      "cve": "CVE-2017-7796",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7796"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "On Windows systems, the logger run by the Windows updater deletes the file \"update.log\" before it runs in order to write a new log of that name. The path to this file is supplied at the command line to the updater and could be used in concert with another local exploit to delete a different file named \"update.log\" instead of the one intended. Note: This attack only affects Windows operating systems. Other operating systems are not affected. This vulnerability affects Firefox \u003c 55.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7796",
          "url": "https://www.suse.com/security/cve/CVE-2017-7796"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1052829 for CVE-2017-7796",
          "url": "https://bugzilla.suse.com/1052829"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2017-7796"
    },
    {
      "cve": "CVE-2017-7797",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7797"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Response header name interning does not have same-origin protections and these headers are stored in a global registry. This allows stored header names to be available cross-origin. This vulnerability affects Firefox \u003c 55.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7797",
          "url": "https://www.suse.com/security/cve/CVE-2017-7797"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1052829 for CVE-2017-7797",
          "url": "https://bugzilla.suse.com/1052829"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7797"
    },
    {
      "cve": "CVE-2017-7798",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7798"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Developer Tools feature suffers from a XUL injection vulnerability due to improper sanitization of the web page source code. In the worst case, this could allow arbitrary code execution when opening a malicious page with the style editor tool. This vulnerability affects Firefox ESR \u003c 52.3 and Firefox \u003c 55.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7798",
          "url": "https://www.suse.com/security/cve/CVE-2017-7798"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1052829 for CVE-2017-7798",
          "url": "https://bugzilla.suse.com/1052829"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7798"
    },
    {
      "cve": "CVE-2017-7799",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7799"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "JavaScript in the \"about:webrtc\" page is not sanitized properly being assigned to \"innerHTML\". Data on this page is supplied by WebRTC usage and is not under third-party control, making this difficult to exploit, but the vulnerability could possibly be used for a cross-site scripting (XSS) attack. This vulnerability affects Firefox \u003c 55.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7799",
          "url": "https://www.suse.com/security/cve/CVE-2017-7799"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1052829 for CVE-2017-7799",
          "url": "https://bugzilla.suse.com/1052829"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7799"
    },
    {
      "cve": "CVE-2017-7800",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7800"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability can occur in WebSockets when the object holding the connection is freed before the disconnection operation is finished. This results in an exploitable crash. This vulnerability affects Thunderbird \u003c 52.3, Firefox ESR \u003c 52.3, and Firefox \u003c 55.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7800",
          "url": "https://www.suse.com/security/cve/CVE-2017-7800"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1052829 for CVE-2017-7800",
          "url": "https://bugzilla.suse.com/1052829"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7800"
    },
    {
      "cve": "CVE-2017-7801",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7801"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability can occur while re-computing layout for a \"marquee\" element during window resizing where the updated style object is freed while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.3, Firefox ESR \u003c 52.3, and Firefox \u003c 55.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7801",
          "url": "https://www.suse.com/security/cve/CVE-2017-7801"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1052829 for CVE-2017-7801",
          "url": "https://bugzilla.suse.com/1052829"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7801"
    },
    {
      "cve": "CVE-2017-7802",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7802"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability can occur when manipulating the DOM during the resize event of an image element. If these elements have been freed due to a lack of strong references, a potentially exploitable crash may occur when the freed elements are accessed. This vulnerability affects Thunderbird \u003c 52.3, Firefox ESR \u003c 52.3, and Firefox \u003c 55.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7802",
          "url": "https://www.suse.com/security/cve/CVE-2017-7802"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1052829 for CVE-2017-7802",
          "url": "https://bugzilla.suse.com/1052829"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7802"
    },
    {
      "cve": "CVE-2017-7803",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7803"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When a page\u0027s content security policy (CSP) header contains a \"sandbox\" directive, other directives are ignored. This results in the incorrect enforcement of CSP. This vulnerability affects Thunderbird \u003c 52.3, Firefox ESR \u003c 52.3, and Firefox \u003c 55.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7803",
          "url": "https://www.suse.com/security/cve/CVE-2017-7803"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1052829 for CVE-2017-7803",
          "url": "https://bugzilla.suse.com/1052829"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7803"
    },
    {
      "cve": "CVE-2017-7804",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7804"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The destructor function for the \"WindowsDllDetourPatcher\" class can be re-purposed by malicious code in concert with another vulnerability to write arbitrary data to an attacker controlled location in memory. This can be used to bypass existing memory protections in this situation. Note: This attack only affects Windows operating systems. Other operating systems are not affected. This vulnerability affects Thunderbird \u003c 52.3, Firefox ESR \u003c 52.3, and Firefox \u003c 55.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7804",
          "url": "https://www.suse.com/security/cve/CVE-2017-7804"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1052829 for CVE-2017-7804",
          "url": "https://bugzilla.suse.com/1052829"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7804"
    },
    {
      "cve": "CVE-2017-7805",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7805"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "During TLS 1.2 exchanges, handshake hashes are generated which point to a message buffer. This saved data is used for later messages but in some cases, the handshake transcript can exceed the space available in the current buffer, causing the allocation of a new buffer. This leaves a pointer pointing to the old, freed buffer, resulting in a use-after-free when handshake hashes are then calculated afterwards. This can result in a potentially exploitable crash. This vulnerability affects Firefox \u003c 56, Firefox ESR \u003c 52.4, and Thunderbird \u003c 52.4.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7805",
          "url": "https://www.suse.com/security/cve/CVE-2017-7805"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1060445 for CVE-2017-7805",
          "url": "https://bugzilla.suse.com/1060445"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1061005 for CVE-2017-7805",
          "url": "https://bugzilla.suse.com/1061005"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7805"
    },
    {
      "cve": "CVE-2017-7806",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7806"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability can occur when the layer manager is freed too early when rendering specific SVG content, resulting in a potentially exploitable crash. This vulnerability affects Firefox \u003c 55.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7806",
          "url": "https://www.suse.com/security/cve/CVE-2017-7806"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1052829 for CVE-2017-7806",
          "url": "https://bugzilla.suse.com/1052829"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7806"
    },
    {
      "cve": "CVE-2017-7807",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7807"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A mechanism that uses AppCache to hijack a URL in a domain using fallback by serving the files from a sub-path on the domain. This has been addressed by requiring fallback files be inside the manifest directory. This vulnerability affects Thunderbird \u003c 52.3, Firefox ESR \u003c 52.3, and Firefox \u003c 55.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7807",
          "url": "https://www.suse.com/security/cve/CVE-2017-7807"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1052829 for CVE-2017-7807",
          "url": "https://bugzilla.suse.com/1052829"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7807"
    },
    {
      "cve": "CVE-2017-7808",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7808"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A content security policy (CSP) \"frame-ancestors\" directive containing origins with paths allows for comparisons against those paths instead of the origin. This results in a cross-origin information leak of this path information. This vulnerability affects Firefox \u003c 55.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7808",
          "url": "https://www.suse.com/security/cve/CVE-2017-7808"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1052829 for CVE-2017-7808",
          "url": "https://bugzilla.suse.com/1052829"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7808"
    },
    {
      "cve": "CVE-2017-7809",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7809"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability can occur when an editor DOM node is deleted prematurely during tree traversal while still bound to the document. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.3, Firefox ESR \u003c 52.3, and Firefox \u003c 55.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7809",
          "url": "https://www.suse.com/security/cve/CVE-2017-7809"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1052829 for CVE-2017-7809",
          "url": "https://bugzilla.suse.com/1052829"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7809"
    },
    {
      "cve": "CVE-2017-7810",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7810"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs were reported in Firefox 55 and Firefox ESR 52.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 56, Firefox ESR \u003c 52.4, and Thunderbird \u003c 52.4.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7810",
          "url": "https://www.suse.com/security/cve/CVE-2017-7810"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1060445 for CVE-2017-7810",
          "url": "https://bugzilla.suse.com/1060445"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7810"
    },
    {
      "cve": "CVE-2017-7811",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7811"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs were reported in Firefox 55. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 56.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7811",
          "url": "https://www.suse.com/security/cve/CVE-2017-7811"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1060445 for CVE-2017-7811",
          "url": "https://bugzilla.suse.com/1060445"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7811"
    },
    {
      "cve": "CVE-2017-7812",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7812"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If web content on a page is dragged onto portions of the browser UI, such as the tab bar, links can be opened that otherwise would not be allowed to open. This can allow malicious web content to open a locally stored file through \"file:\" URLs. This vulnerability affects Firefox \u003c 56.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7812",
          "url": "https://www.suse.com/security/cve/CVE-2017-7812"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1060445 for CVE-2017-7812",
          "url": "https://bugzilla.suse.com/1060445"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7812"
    },
    {
      "cve": "CVE-2017-7813",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7813"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Inside the JavaScript parser, a cast of an integer to a narrower type can result in data read from outside the buffer being parsed. This usually results in a non-exploitable crash, but can leak a limited amount of information from memory if it matches JavaScript identifier syntax. This vulnerability affects Firefox \u003c 56.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7813",
          "url": "https://www.suse.com/security/cve/CVE-2017-7813"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1060445 for CVE-2017-7813",
          "url": "https://bugzilla.suse.com/1060445"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7813"
    },
    {
      "cve": "CVE-2017-7814",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7814"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "File downloads encoded with \"blob:\" and \"data:\" URL elements bypassed normal file download checks though the Phishing and Malware Protection feature and its block lists of suspicious sites and files. This would allow malicious sites to lure users into downloading executables that would otherwise be detected as suspicious. This vulnerability affects Firefox \u003c 56, Firefox ESR \u003c 52.4, and Thunderbird \u003c 52.4.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7814",
          "url": "https://www.suse.com/security/cve/CVE-2017-7814"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1060445 for CVE-2017-7814",
          "url": "https://bugzilla.suse.com/1060445"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7814"
    },
    {
      "cve": "CVE-2017-7815",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7815"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "On pages containing an iframe, the \"data:\" protocol can be used to create a modal dialog through Javascript that will have an arbitrary domains as the dialog\u0027s location, spoofing of the origin of the modal dialog from the user view. Note: This attack only affects installations with e10 multiprocess turned off. Installations with e10s turned on do not support the modal dialog functionality. This vulnerability affects Firefox \u003c 56.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7815",
          "url": "https://www.suse.com/security/cve/CVE-2017-7815"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1060445 for CVE-2017-7815",
          "url": "https://bugzilla.suse.com/1060445"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7815"
    },
    {
      "cve": "CVE-2017-7816",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7816"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "WebExtensions could use popups and panels in the extension UI to load an \"about:\" privileged URL, violating security checks that disallow this behavior. This vulnerability affects Firefox \u003c 56.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7816",
          "url": "https://www.suse.com/security/cve/CVE-2017-7816"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1060445 for CVE-2017-7816",
          "url": "https://bugzilla.suse.com/1060445"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7816"
    },
    {
      "cve": "CVE-2017-7817",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7817"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A spoofing vulnerability can occur when a page switches to fullscreen mode without user notification, allowing a fake address bar to be displayed. This allows an attacker to spoof which page is actually loaded and in use. Note: This attack only affects Firefox for Android. Other operating systems are not affected. This vulnerability affects Firefox \u003c 56.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7817",
          "url": "https://www.suse.com/security/cve/CVE-2017-7817"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1060445 for CVE-2017-7817",
          "url": "https://bugzilla.suse.com/1060445"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7817"
    },
    {
      "cve": "CVE-2017-7818",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7818"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability can occur when manipulating arrays of Accessible Rich Internet Applications (ARIA) elements within containers through the DOM. This results in a potentially exploitable crash. This vulnerability affects Firefox \u003c 56, Firefox ESR \u003c 52.4, and Thunderbird \u003c 52.4.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7818",
          "url": "https://www.suse.com/security/cve/CVE-2017-7818"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1060445 for CVE-2017-7818",
          "url": "https://bugzilla.suse.com/1060445"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7818"
    },
    {
      "cve": "CVE-2017-7819",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7819"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability can occur in design mode when image objects are resized if objects referenced during the resizing have been freed from memory. This results in a potentially exploitable crash. This vulnerability affects Firefox \u003c 56, Firefox ESR \u003c 52.4, and Thunderbird \u003c 52.4.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7819",
          "url": "https://www.suse.com/security/cve/CVE-2017-7819"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1060445 for CVE-2017-7819",
          "url": "https://bugzilla.suse.com/1060445"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7819"
    },
    {
      "cve": "CVE-2017-7820",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7820"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The \"instanceof\" operator can bypass the Xray wrapper mechanism. When called on web content from the browser itself or an extension the web content can provide its own result for that operator, possibly tricking the browser or extension into mishandling the element. This vulnerability affects Firefox \u003c 56.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7820",
          "url": "https://www.suse.com/security/cve/CVE-2017-7820"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1060445 for CVE-2017-7820",
          "url": "https://bugzilla.suse.com/1060445"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7820"
    },
    {
      "cve": "CVE-2017-7821",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7821"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability where WebExtensions can download and attempt to open a file of some non-executable file types. This can be triggered without specific user interaction for the file download and open actions. This could be used to trigger known vulnerabilities in the programs that handle those document types. This vulnerability affects Firefox \u003c 56.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7821",
          "url": "https://www.suse.com/security/cve/CVE-2017-7821"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1060445 for CVE-2017-7821",
          "url": "https://bugzilla.suse.com/1060445"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7821"
    },
    {
      "cve": "CVE-2017-7822",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7822"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The AES-GCM implementation in WebCrypto API accepts 0-length IV when it should require a length of 1 according to the NIST Special Publication 800-38D specification. This might allow for the authentication key to be determined in some instances. This vulnerability affects Firefox \u003c 56.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7822",
          "url": "https://www.suse.com/security/cve/CVE-2017-7822"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1060445 for CVE-2017-7822",
          "url": "https://bugzilla.suse.com/1060445"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7822"
    },
    {
      "cve": "CVE-2017-7823",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7823"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The content security policy (CSP) \"sandbox\" directive did not create a unique origin for the document, causing it to behave as if the \"allow-same-origin\" keyword were always specified. This could allow a Cross-Site Scripting (XSS) attack to be launched from unsafe content. This vulnerability affects Firefox \u003c 56, Firefox ESR \u003c 52.4, and Thunderbird \u003c 52.4.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7823",
          "url": "https://www.suse.com/security/cve/CVE-2017-7823"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1060445 for CVE-2017-7823",
          "url": "https://bugzilla.suse.com/1060445"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7823"
    },
    {
      "cve": "CVE-2017-7824",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7824"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A buffer overflow occurs when drawing and validating elements with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks and results in a potentially exploitable crash. This vulnerability affects Firefox \u003c 56, Firefox ESR \u003c 52.4, and Thunderbird \u003c 52.4.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7824",
          "url": "https://www.suse.com/security/cve/CVE-2017-7824"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1060445 for CVE-2017-7824",
          "url": "https://bugzilla.suse.com/1060445"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7824"
    },
    {
      "cve": "CVE-2017-7825",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7825"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Several fonts on OS X display some Tibetan and Arabic characters as whitespace. When used in the addressbar as part of an IDN this can be used for domain name spoofing attacks. Note: This attack only affects OS X operating systems. Other operating systems are unaffected. This vulnerability affects Firefox \u003c 56, Firefox ESR \u003c 52.4, and Thunderbird \u003c 52.4.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7825",
          "url": "https://www.suse.com/security/cve/CVE-2017-7825"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1060445 for CVE-2017-7825",
          "url": "https://bugzilla.suse.com/1060445"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7825"
    },
    {
      "cve": "CVE-2017-7826",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7826"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs were reported in Firefox 56 and Firefox ESR 52.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 57, Firefox ESR \u003c 52.5, and Thunderbird \u003c 52.5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7826",
          "url": "https://www.suse.com/security/cve/CVE-2017-7826"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1068101 for CVE-2017-7826",
          "url": "https://bugzilla.suse.com/1068101"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7826"
    },
    {
      "cve": "CVE-2017-7827",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7827"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs were reported in Firefox 56. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 57.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7827",
          "url": "https://www.suse.com/security/cve/CVE-2017-7827"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1068101 for CVE-2017-7827",
          "url": "https://bugzilla.suse.com/1068101"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7827"
    },
    {
      "cve": "CVE-2017-7828",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7828"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability can occur when flushing and resizing layout because the \"PressShell\" object has been freed while still in use. This results in a potentially exploitable crash during these operations. This vulnerability affects Firefox \u003c 57, Firefox ESR \u003c 52.5, and Thunderbird \u003c 52.5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7828",
          "url": "https://www.suse.com/security/cve/CVE-2017-7828"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1068101 for CVE-2017-7828",
          "url": "https://bugzilla.suse.com/1068101"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7828"
    },
    {
      "cve": "CVE-2017-7830",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7830"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Resource Timing API incorrectly revealed navigations in cross-origin iframes. This is a same-origin policy violation and could allow for data theft of URLs loaded by users. This vulnerability affects Firefox \u003c 57, Firefox ESR \u003c 52.5, and Thunderbird \u003c 52.5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7830",
          "url": "https://www.suse.com/security/cve/CVE-2017-7830"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1068101 for CVE-2017-7830",
          "url": "https://bugzilla.suse.com/1068101"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7830"
    },
    {
      "cve": "CVE-2017-7831",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7831"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability where the security wrapper does not deny access to some exposed properties using the deprecated \"_exposedProps_\" mechanism on proxy objects. These properties should be explicitly unavailable to proxy objects. This vulnerability affects Firefox \u003c 57.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7831",
          "url": "https://www.suse.com/security/cve/CVE-2017-7831"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1068101 for CVE-2017-7831",
          "url": "https://bugzilla.suse.com/1068101"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7831"
    },
    {
      "cve": "CVE-2017-7832",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7832"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The combined, single character, version of the letter \u0027i\u0027 with any of the potential accents in unicode, such as acute or grave, can be spoofed in the addressbar by the dotless version of \u0027i\u0027 followed by the same accent as a second character with most font sets. This allows for domain spoofing attacks because these combined domain names do not display as punycode. This vulnerability affects Firefox \u003c 57.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7832",
          "url": "https://www.suse.com/security/cve/CVE-2017-7832"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1068101 for CVE-2017-7832",
          "url": "https://bugzilla.suse.com/1068101"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7832"
    },
    {
      "cve": "CVE-2017-7833",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7833"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Some Arabic and Indic vowel marker characters can be combined with Latin characters in a domain name to eclipse the non-Latin character with some font sets on the addressbar. The non-Latin character will not be visible to most viewers. This allows for domain spoofing attacks because these combined domain names do not display as punycode. This vulnerability affects Firefox \u003c 57.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7833",
          "url": "https://www.suse.com/security/cve/CVE-2017-7833"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1068101 for CVE-2017-7833",
          "url": "https://bugzilla.suse.com/1068101"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7833"
    },
    {
      "cve": "CVE-2017-7834",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7834"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A \"data:\" URL loaded in a new tab did not inherit the Content Security Policy (CSP) of the original page, allowing for bypasses of the policy including the execution of JavaScript. In prior versions when \"data:\" documents also inherited the context of the original page this would allow for potential cross-site scripting (XSS) attacks. This vulnerability affects Firefox \u003c 57.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7834",
          "url": "https://www.suse.com/security/cve/CVE-2017-7834"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1068101 for CVE-2017-7834",
          "url": "https://bugzilla.suse.com/1068101"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7834"
    },
    {
      "cve": "CVE-2017-7835",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7835"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mixed content blocking of insecure (HTTP) sub-resources in a secure (HTTPS) document was not correctly applied for resources that redirect from HTTPS to HTTP, allowing content that should be blocked, such as scripts, to be loaded on a page. This vulnerability affects Firefox \u003c 57.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7835",
          "url": "https://www.suse.com/security/cve/CVE-2017-7835"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1068101 for CVE-2017-7835",
          "url": "https://bugzilla.suse.com/1068101"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7835"
    },
    {
      "cve": "CVE-2017-7836",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7836"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The \"pingsender\" executable used by the Firefox Health Report dynamically loads a system copy of libcurl, which an attacker could replace. This allows for privilege escalation as the replaced libcurl code will run with Firefox\u0027s privileges. Note: This attack requires an attacker have local system access and only affects OS X and Linux. Windows systems are not affected. This vulnerability affects Firefox \u003c 57.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7836",
          "url": "https://www.suse.com/security/cve/CVE-2017-7836"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1068101 for CVE-2017-7836",
          "url": "https://bugzilla.suse.com/1068101"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7836"
    },
    {
      "cve": "CVE-2017-7837",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7837"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "SVG loaded through \"\u003cimg\u003e\" tags can use \"\u003cmeta\u003e\" tags within the SVG data to set cookies for that page. This vulnerability affects Firefox \u003c 57.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7837",
          "url": "https://www.suse.com/security/cve/CVE-2017-7837"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1068101 for CVE-2017-7837",
          "url": "https://bugzilla.suse.com/1068101"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7837"
    },
    {
      "cve": "CVE-2017-7838",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7838"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Punycode format text will be displayed for entire qualified international domain names in some instances when a sub-domain triggers the punycode display instead of the primary domain being displayed in native script and the sub-domain only displaying as punycode. This could be used for limited spoofing attacks due to user confusion. This vulnerability affects Firefox \u003c 57.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7838",
          "url": "https://www.suse.com/security/cve/CVE-2017-7838"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1068101 for CVE-2017-7838",
          "url": "https://bugzilla.suse.com/1068101"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7838"
    },
    {
      "cve": "CVE-2017-7839",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7839"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Control characters prepended before \"javascript:\" URLs pasted in the addressbar can cause the leading characters to be ignored and the pasted JavaScript to be executed instead of being blocked. This could be used in social engineering and self-cross-site-scripting (self-XSS) attacks where users are convinced to copy and paste text into the addressbar. This vulnerability affects Firefox \u003c 57.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7839",
          "url": "https://www.suse.com/security/cve/CVE-2017-7839"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1068101 for CVE-2017-7839",
          "url": "https://bugzilla.suse.com/1068101"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7839"
    },
    {
      "cve": "CVE-2017-7840",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7840"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "JavaScript can be injected into an exported bookmarks file by placing JavaScript code into user-supplied tags in saved bookmarks. If the resulting exported HTML file is later opened in a browser this JavaScript will be executed. This could be used in social engineering and self-cross-site-scripting (self-XSS) attacks if users were convinced to add malicious tags to bookmarks, export them, and then open the resulting file. This vulnerability affects Firefox \u003c 57.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7840",
          "url": "https://www.suse.com/security/cve/CVE-2017-7840"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1068101 for CVE-2017-7840",
          "url": "https://bugzilla.suse.com/1068101"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7840"
    },
    {
      "cve": "CVE-2017-7842",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7842"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If a document\u0027s Referrer Policy attribute is set to \"no-referrer\" sometimes two network requests are made for \"\u003clink\u003e\" elements instead of one. One of these requests includes the referrer instead of respecting the set policy to not include a referrer on requests. This vulnerability affects Firefox \u003c 57.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7842",
          "url": "https://www.suse.com/security/cve/CVE-2017-7842"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1068101 for CVE-2017-7842",
          "url": "https://bugzilla.suse.com/1068101"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7842"
    },
    {
      "cve": "CVE-2017-7843",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7843"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When Private Browsing mode is used, it is possible for a web worker to write persistent data to IndexedDB and fingerprint a user uniquely. IndexedDB should not be available in Private Browsing mode and this stored data will persist across multiple private browsing mode sessions because it is not cleared when exiting. This vulnerability affects Firefox ESR \u003c 52.5.2 and Firefox \u003c 57.0.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7843",
          "url": "https://www.suse.com/security/cve/CVE-2017-7843"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1072034 for CVE-2017-7843",
          "url": "https://bugzilla.suse.com/1072034"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-7843"
    },
    {
      "cve": "CVE-2017-7844",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7844"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A combination of an external SVG image referenced on a page and the coloring of anchor links stored within this image can be used to determine which pages a user has in their history. This can allow a malicious website to query user history. Note: This issue only affects Firefox 57. Earlier releases are not affected. This vulnerability affects Firefox \u003c 57.0.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7844",
          "url": "https://www.suse.com/security/cve/CVE-2017-7844"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1072034 for CVE-2017-7844",
          "url": "https://bugzilla.suse.com/1072034"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1072036 for CVE-2017-7844",
          "url": "https://bugzilla.suse.com/1072036"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-7844"
    },
    {
      "cve": "CVE-2018-12358",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12358"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Service workers can use redirection to avoid the tainting of cross-origin resources in some instances, allowing a malicious site to read responses which are supposed to be opaque. This vulnerability affects Firefox \u003c 61.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12358",
          "url": "https://www.suse.com/security/cve/CVE-2018-12358"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1098998 for CVE-2018-12358",
          "url": "https://bugzilla.suse.com/1098998"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12358"
    },
    {
      "cve": "CVE-2018-12359",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12359"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A buffer overflow can occur when rendering canvas content while adjusting the height and width of the canvas element dynamically, causing data to be written outside of the currently computed boundaries. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 60, Thunderbird \u003c 52.9, Firefox ESR \u003c 60.1, Firefox ESR \u003c 52.9, and Firefox \u003c 61.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12359",
          "url": "https://www.suse.com/security/cve/CVE-2018-12359"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1098998 for CVE-2018-12359",
          "url": "https://bugzilla.suse.com/1098998"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12359"
    },
    {
      "cve": "CVE-2018-12360",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12360"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability can occur when deleting an input element during a mutation event handler triggered by focusing that element. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 60, Thunderbird \u003c 52.9, Firefox ESR \u003c 60.1, Firefox ESR \u003c 52.9, and Firefox \u003c 61.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12360",
          "url": "https://www.suse.com/security/cve/CVE-2018-12360"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1098998 for CVE-2018-12360",
          "url": "https://bugzilla.suse.com/1098998"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12360"
    },
    {
      "cve": "CVE-2018-12361",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12361"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An integer overflow can occur in the SwizzleData code while calculating buffer sizes. The overflowed value is used for subsequent graphics computations when their inputs are not sanitized which results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 60, Firefox ESR \u003c 60.1, and Firefox \u003c 61.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12361",
          "url": "https://www.suse.com/security/cve/CVE-2018-12361"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1098998 for CVE-2018-12361",
          "url": "https://bugzilla.suse.com/1098998"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12361"
    },
    {
      "cve": "CVE-2018-12362",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12362"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An integer overflow can occur during graphics operations done by the Supplemental Streaming SIMD Extensions 3 (SSSE3) scaler, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 60, Thunderbird \u003c 52.9, Firefox ESR \u003c 60.1, Firefox ESR \u003c 52.9, and Firefox \u003c 61.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12362",
          "url": "https://www.suse.com/security/cve/CVE-2018-12362"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1098998 for CVE-2018-12362",
          "url": "https://bugzilla.suse.com/1098998"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12362"
    },
    {
      "cve": "CVE-2018-12363",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12363"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability can occur when script uses mutation events to move DOM nodes between documents, resulting in the old document that held the node being freed but the node still having a pointer referencing it. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 60, Thunderbird \u003c 52.9, Firefox ESR \u003c 60.1, Firefox ESR \u003c 52.9, and Firefox \u003c 61.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12363",
          "url": "https://www.suse.com/security/cve/CVE-2018-12363"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1098998 for CVE-2018-12363",
          "url": "https://bugzilla.suse.com/1098998"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12363"
    },
    {
      "cve": "CVE-2018-12364",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12364"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "NPAPI plugins, such as Adobe Flash, can send non-simple cross-origin requests, bypassing CORS by making a same-origin POST that does a 307 redirect to the target site. This allows for a malicious site to engage in cross-site request forgery (CSRF) attacks. This vulnerability affects Thunderbird \u003c 60, Thunderbird \u003c 52.9, Firefox ESR \u003c 60.1, Firefox ESR \u003c 52.9, and Firefox \u003c 61.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12364",
          "url": "https://www.suse.com/security/cve/CVE-2018-12364"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1098998 for CVE-2018-12364",
          "url": "https://bugzilla.suse.com/1098998"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12364"
    },
    {
      "cve": "CVE-2018-12365",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12365"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A compromised IPC child process can escape the content sandbox and list the names of arbitrary files on the file system without user consent or interaction. This could result in exposure of private local files. This vulnerability affects Thunderbird \u003c 60, Thunderbird \u003c 52.9, Firefox ESR \u003c 60.1, Firefox ESR \u003c 52.9, and Firefox \u003c 61.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12365",
          "url": "https://www.suse.com/security/cve/CVE-2018-12365"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1098998 for CVE-2018-12365",
          "url": "https://bugzilla.suse.com/1098998"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12365"
    },
    {
      "cve": "CVE-2018-12366",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12366"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An invalid grid size during QCMS (color profile) transformations can result in the out-of-bounds read interpreted as a float value. This could leak private data into the output. This vulnerability affects Thunderbird \u003c 60, Thunderbird \u003c 52.9, Firefox ESR \u003c 60.1, Firefox ESR \u003c 52.9, and Firefox \u003c 61.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12366",
          "url": "https://www.suse.com/security/cve/CVE-2018-12366"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1098998 for CVE-2018-12366",
          "url": "https://bugzilla.suse.com/1098998"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12366"
    },
    {
      "cve": "CVE-2018-12367",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12367"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the previous mitigations for Spectre, the resolution or precision of various methods was reduced to counteract the ability to measure precise time intervals. In that work PerformanceNavigationTiming was not adjusted but it was found that it could be used as a precision timer. This vulnerability affects Thunderbird \u003c 60, Firefox ESR \u003c 60.1, and Firefox \u003c 61.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12367",
          "url": "https://www.suse.com/security/cve/CVE-2018-12367"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1098998 for CVE-2018-12367",
          "url": "https://bugzilla.suse.com/1098998"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12367"
    },
    {
      "cve": "CVE-2018-12369",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12369"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "WebExtensions bundled with embedded experiments were not correctly checked for proper authorization. This allowed a malicious WebExtension to gain full browser permissions. This vulnerability affects Firefox ESR \u003c 60.1 and Firefox \u003c 61.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12369",
          "url": "https://www.suse.com/security/cve/CVE-2018-12369"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1098998 for CVE-2018-12369",
          "url": "https://bugzilla.suse.com/1098998"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12369"
    },
    {
      "cve": "CVE-2018-12370",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12370"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In Reader View SameSite cookie protections are not checked on exiting. This allows for a payload to be triggered when Reader View is exited if loaded by a malicious site while Reader mode is active, bypassing CSRF protections. This vulnerability affects Firefox \u003c 61.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12370",
          "url": "https://www.suse.com/security/cve/CVE-2018-12370"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1098998 for CVE-2018-12370",
          "url": "https://bugzilla.suse.com/1098998"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12370"
    },
    {
      "cve": "CVE-2018-12371",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12371"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An integer overflow vulnerability in the Skia library when allocating memory for edge builders on some systems with at least 16 GB of RAM. This results in the use of uninitialized memory, resulting in a potentially exploitable crash. This vulnerability affects Firefox ESR \u003c 60.1, Thunderbird \u003c 60, and Firefox \u003c 61.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12371",
          "url": "https://www.suse.com/security/cve/CVE-2018-12371"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1098998 for CVE-2018-12371",
          "url": "https://bugzilla.suse.com/1098998"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12371"
    },
    {
      "cve": "CVE-2018-12375",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12375"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs present in Firefox 61. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 62.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12375",
          "url": "https://www.suse.com/security/cve/CVE-2018-12375"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1107343 for CVE-2018-12375",
          "url": "https://bugzilla.suse.com/1107343"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12375"
    },
    {
      "cve": "CVE-2018-12376",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12376"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs present in Firefox 61 and Firefox ESR 60.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 62, Firefox ESR \u003c 60.2, and Thunderbird \u003c 60.2.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12376",
          "url": "https://www.suse.com/security/cve/CVE-2018-12376"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1107343 for CVE-2018-12376",
          "url": "https://bugzilla.suse.com/1107343"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12376"
    },
    {
      "cve": "CVE-2018-12377",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12377"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability can occur when refresh driver timers are refreshed in some circumstances during shutdown when the timer is deleted while still in use. This results in a potentially exploitable crash. This vulnerability affects Firefox \u003c 62, Firefox ESR \u003c 60.2, and Thunderbird \u003c 60.2.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12377",
          "url": "https://www.suse.com/security/cve/CVE-2018-12377"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1107343 for CVE-2018-12377",
          "url": "https://bugzilla.suse.com/1107343"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12377"
    },
    {
      "cve": "CVE-2018-12378",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12378"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability can occur when an IndexedDB index is deleted while still in use by JavaScript code that is providing payload values to be stored. This results in a potentially exploitable crash. This vulnerability affects Firefox \u003c 62, Firefox ESR \u003c 60.2, and Thunderbird \u003c 60.2.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12378",
          "url": "https://www.suse.com/security/cve/CVE-2018-12378"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1107343 for CVE-2018-12378",
          "url": "https://bugzilla.suse.com/1107343"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12378"
    },
    {
      "cve": "CVE-2018-12379",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12379"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When the Mozilla Updater opens a MAR format file which contains a very long item filename, an out-of-bounds write can be triggered, leading to a potentially exploitable crash. This requires running the Mozilla Updater manually on the local system with the malicious MAR file in order to occur. This vulnerability affects Firefox \u003c 62, Firefox ESR \u003c 60.2, and Thunderbird \u003c 60.2.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12379",
          "url": "https://www.suse.com/security/cve/CVE-2018-12379"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1107343 for CVE-2018-12379",
          "url": "https://bugzilla.suse.com/1107343"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12379"
    },
    {
      "cve": "CVE-2018-12381",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12381"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Manually dragging and dropping an Outlook email message into the browser will trigger a page navigation when the message\u0027s mail columns are incorrectly interpreted as a URL. *Note: this issue only affects Windows operating systems with Outlook installed. Other operating systems are not affected.*. This vulnerability affects Firefox ESR \u003c 60.2 and Firefox \u003c 62.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12381",
          "url": "https://www.suse.com/security/cve/CVE-2018-12381"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1107343 for CVE-2018-12381",
          "url": "https://bugzilla.suse.com/1107343"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12381"
    },
    {
      "cve": "CVE-2018-12382",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12382"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The displayed addressbar URL can be spoofed on Firefox for Android using a javascript: URI in concert with JavaScript to insert text before the loaded domain name, scrolling the loaded domain out of view to the right. This can lead to user confusion. *This vulnerability only affects Firefox for Android \u003c 62.*",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12382",
          "url": "https://www.suse.com/security/cve/CVE-2018-12382"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1107343 for CVE-2018-12382",
          "url": "https://bugzilla.suse.com/1107343"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12382"
    },
    {
      "cve": "CVE-2018-12383",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12383"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If a user saved passwords before Firefox 58 and then later set a master password, an unencrypted copy of these passwords is still accessible. This is because the older stored password file was not deleted when the data was copied to a new format starting in Firefox 58. The new master password is added only on the new file. This could allow the exposure of stored password data outside of user expectations. This vulnerability affects Firefox \u003c 62, Firefox ESR \u003c 60.2.1, and Thunderbird \u003c 60.2.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12383",
          "url": "https://www.suse.com/security/cve/CVE-2018-12383"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1107343 for CVE-2018-12383",
          "url": "https://bugzilla.suse.com/1107343"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12383"
    },
    {
      "cve": "CVE-2018-12385",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12385"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A potentially exploitable crash in TransportSecurityInfo used for SSL can be triggered by data stored in the local cache in the user profile directory. This issue is only exploitable in combination with another vulnerability allowing an attacker to write data into the local cache or from locally installed malware. This issue also triggers a non-exploitable startup crash for users switching between the Nightly and Release versions of Firefox if the same profile is used. This vulnerability affects Thunderbird \u003c 60.2.1, Firefox ESR \u003c 60.2.1, and Firefox \u003c 62.0.2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12385",
          "url": "https://www.suse.com/security/cve/CVE-2018-12385"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1109363 for CVE-2018-12385",
          "url": "https://bugzilla.suse.com/1109363"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-12385"
    },
    {
      "cve": "CVE-2018-12386",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12386"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. This leads to remote code execution inside the sandboxed content process when triggered. This vulnerability affects Firefox ESR \u003c 60.2.2 and Firefox \u003c 62.0.3.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12386",
          "url": "https://www.suse.com/security/cve/CVE-2018-12386"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1110506 for CVE-2018-12386",
          "url": "https://bugzilla.suse.com/1110506"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12386"
    },
    {
      "cve": "CVE-2018-12387",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12387"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer being off by 8 bytes after a bailout. This leaks a memory address to the calling function which can be used as part of an exploit inside the sandboxed content process. This vulnerability affects Firefox ESR \u003c 60.2.2 and Firefox \u003c 62.0.3.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12387",
          "url": "https://www.suse.com/security/cve/CVE-2018-12387"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1110507 for CVE-2018-12387",
          "url": "https://bugzilla.suse.com/1110507"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12387"
    },
    {
      "cve": "CVE-2018-12388",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12388"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers and community members reported memory safety bugs present in Firefox 62. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 63.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12388",
          "url": "https://www.suse.com/security/cve/CVE-2018-12388"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1112852 for CVE-2018-12388",
          "url": "https://bugzilla.suse.com/1112852"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12388"
    },
    {
      "cve": "CVE-2018-12390",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12390"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers and community members reported memory safety bugs present in Firefox 62 and Firefox ESR 60.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 63, Firefox ESR \u003c 60.3, and Thunderbird \u003c 60.3.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12390",
          "url": "https://www.suse.com/security/cve/CVE-2018-12390"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1112852 for CVE-2018-12390",
          "url": "https://bugzilla.suse.com/1112852"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12390"
    },
    {
      "cve": "CVE-2018-12391",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12391"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "During HTTP Live Stream playback on Firefox for Android, audio data can be accessed across origins in violation of security policies. Because the problem is in the underlying Android service, this issue is addressed by treating all HLS streams as cross-origin and opaque to access. *Note: this issue only affects Firefox for Android. Desktop versions of Firefox are unaffected.*. This vulnerability affects Firefox \u003c 63, Firefox ESR \u003c 60.3, and Thunderbird \u003c 60.3.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12391",
          "url": "https://www.suse.com/security/cve/CVE-2018-12391"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1112852 for CVE-2018-12391",
          "url": "https://bugzilla.suse.com/1112852"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12391"
    },
    {
      "cve": "CVE-2018-12392",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12392"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When manipulating user events in nested loops while opening a document through script, it is possible to trigger a potentially exploitable crash due to poor event handling. This vulnerability affects Firefox \u003c 63, Firefox ESR \u003c 60.3, and Thunderbird \u003c 60.3.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12392",
          "url": "https://www.suse.com/security/cve/CVE-2018-12392"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1112852 for CVE-2018-12392",
          "url": "https://bugzilla.suse.com/1112852"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12392"
    },
    {
      "cve": "CVE-2018-12393",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12393"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A potential vulnerability was found in 32-bit builds where an integer overflow during the conversion of scripts to an internal UTF-16 representation could result in allocating a buffer too small for the conversion. This leads to a possible out-of-bounds write. *Note: 64-bit builds are not vulnerable to this issue.*. This vulnerability affects Firefox \u003c 63, Firefox ESR \u003c 60.3, and Thunderbird \u003c 60.3.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12393",
          "url": "https://www.suse.com/security/cve/CVE-2018-12393"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1112852 for CVE-2018-12393",
          "url": "https://bugzilla.suse.com/1112852"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12393"
    },
    {
      "cve": "CVE-2018-12395",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12395"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "By rewriting the Host: request headers using the webRequest API, a WebExtension can bypass domain restrictions through domain fronting. This would allow access to domains that share a host that are otherwise restricted. This vulnerability affects Firefox ESR \u003c 60.3 and Firefox \u003c 63.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12395",
          "url": "https://www.suse.com/security/cve/CVE-2018-12395"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1112852 for CVE-2018-12395",
          "url": "https://bugzilla.suse.com/1112852"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12395"
    },
    {
      "cve": "CVE-2018-12396",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12396"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability where a WebExtension can run content scripts in disallowed contexts following navigation or other events. This allows for potential privilege escalation by the WebExtension on sites where content scripts should not be run. This vulnerability affects Firefox ESR \u003c 60.3 and Firefox \u003c 63.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12396",
          "url": "https://www.suse.com/security/cve/CVE-2018-12396"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1112852 for CVE-2018-12396",
          "url": "https://bugzilla.suse.com/1112852"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12396"
    },
    {
      "cve": "CVE-2018-12397",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12397"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A WebExtension can request access to local files without the warning prompt stating that the extension will \"Access your data for all websites\" being displayed to the user. This allows extensions to run content scripts in local pages without permission warnings when a local file is opened. This vulnerability affects Firefox ESR \u003c 60.3 and Firefox \u003c 63.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12397",
          "url": "https://www.suse.com/security/cve/CVE-2018-12397"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1112852 for CVE-2018-12397",
          "url": "https://bugzilla.suse.com/1112852"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12397"
    },
    {
      "cve": "CVE-2018-12398",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12398"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "By using the reflected URL in some special resource URIs, such as chrome:, it is possible to inject stylesheets and bypass Content Security Policy (CSP). This vulnerability affects Firefox \u003c 63.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12398",
          "url": "https://www.suse.com/security/cve/CVE-2018-12398"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1112852 for CVE-2018-12398",
          "url": "https://bugzilla.suse.com/1112852"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12398"
    },
    {
      "cve": "CVE-2018-12399",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12399"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When a new protocol handler is registered, the API accepts a title argument which can be used to mislead users about which domain is registering the new protocol. This may result in the user approving a protocol handler that they otherwise would not have. This vulnerability affects Firefox \u003c 63.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12399",
          "url": "https://www.suse.com/security/cve/CVE-2018-12399"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1112852 for CVE-2018-12399",
          "url": "https://bugzilla.suse.com/1112852"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12399"
    },
    {
      "cve": "CVE-2018-12400",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12400"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In private browsing mode on Firefox for Android, favicons are cached in the cache/icons folder as they are in non-private mode. This allows information leakage of sites visited during private browsing sessions. *Note: this issue only affects Firefox for Android. Desktop versions of Firefox are unaffected.*. This vulnerability affects Firefox \u003c 63.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12400",
          "url": "https://www.suse.com/security/cve/CVE-2018-12400"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1112852 for CVE-2018-12400",
          "url": "https://bugzilla.suse.com/1112852"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12400"
    },
    {
      "cve": "CVE-2018-12401",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12401"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Some special resource URIs will cause a non-exploitable crash if loaded with optional parameters following a \u0027?\u0027 in the parsed string. This could lead to denial of service (DOS) attacks. This vulnerability affects Firefox \u003c 63.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12401",
          "url": "https://www.suse.com/security/cve/CVE-2018-12401"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1112852 for CVE-2018-12401",
          "url": "https://bugzilla.suse.com/1112852"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12401"
    },
    {
      "cve": "CVE-2018-12402",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12402"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The internal WebBrowserPersist code does not use correct origin context for a resource being saved. This manifests when sub-resources are loaded as part of \"Save Page As...\" functionality. For example, a malicious page could recover a visitor\u0027s Windows username and NTLM hash by including resources otherwise unreachable to the malicious page, if they can convince the visitor to save the complete web page. Similarly, SameSite cookies are sent on cross-origin requests when the \"Save Page As...\" menu item is selected to save a page, which can result in saving the wrong version of resources based on those cookies. This vulnerability affects Firefox \u003c 63.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12402",
          "url": "https://www.suse.com/security/cve/CVE-2018-12402"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1112852 for CVE-2018-12402",
          "url": "https://bugzilla.suse.com/1112852"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12402"
    },
    {
      "cve": "CVE-2018-12403",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12403"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If a site is loaded over a HTTPS connection but loads a favicon resource over HTTP, the mixed content warning is not displayed to users. This vulnerability affects Firefox \u003c 63.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12403",
          "url": "https://www.suse.com/security/cve/CVE-2018-12403"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1112852 for CVE-2018-12403",
          "url": "https://bugzilla.suse.com/1112852"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12403"
    },
    {
      "cve": "CVE-2018-12405",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12405"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers and community members reported memory safety bugs present in Firefox 63 and Firefox ESR 60.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 60.4, Firefox ESR \u003c 60.4, and Firefox \u003c 64.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12405",
          "url": "https://www.suse.com/security/cve/CVE-2018-12405"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1112111 for CVE-2018-12405",
          "url": "https://bugzilla.suse.com/1112111"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1119105 for CVE-2018-12405",
          "url": "https://bugzilla.suse.com/1119105"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1121207 for CVE-2018-12405",
          "url": "https://bugzilla.suse.com/1121207"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12405"
    },
    {
      "cve": "CVE-2018-12406",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12406"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers and community members reported memory safety bugs present in Firefox 63. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 64.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12406",
          "url": "https://www.suse.com/security/cve/CVE-2018-12406"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1112111 for CVE-2018-12406",
          "url": "https://bugzilla.suse.com/1112111"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1119105 for CVE-2018-12406",
          "url": "https://bugzilla.suse.com/1119105"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12406"
    },
    {
      "cve": "CVE-2018-12407",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12407"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A buffer overflow occurs when drawing and validating elements with the ANGLE graphics library, used for WebGL content, when working with the VertexBuffer11 module. This results in a potentially exploitable crash. This vulnerability affects Firefox \u003c 64.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12407",
          "url": "https://www.suse.com/security/cve/CVE-2018-12407"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1112111 for CVE-2018-12407",
          "url": "https://bugzilla.suse.com/1112111"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1119105 for CVE-2018-12407",
          "url": "https://bugzilla.suse.com/1119105"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12407"
    },
    {
      "cve": "CVE-2018-17466",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-17466"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Incorrect texture handling in Angle in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-17466",
          "url": "https://www.suse.com/security/cve/CVE-2018-17466"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1112111 for CVE-2018-17466",
          "url": "https://bugzilla.suse.com/1112111"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1119105 for CVE-2018-17466",
          "url": "https://bugzilla.suse.com/1119105"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1121207 for CVE-2018-17466",
          "url": "https://bugzilla.suse.com/1121207"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-17466"
    },
    {
      "cve": "CVE-2018-18356",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-18356"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An integer overflow in path handling lead to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-18356",
          "url": "https://www.suse.com/security/cve/CVE-2018-18356"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1118529 for CVE-2018-18356",
          "url": "https://bugzilla.suse.com/1118529"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1125330 for CVE-2018-18356",
          "url": "https://bugzilla.suse.com/1125330"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1125396 for CVE-2018-18356",
          "url": "https://bugzilla.suse.com/1125396"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-18356"
    },
    {
      "cve": "CVE-2018-18492",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-18492"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability can occur after deleting a selection element due to a weak reference to the select element in the options collection. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 60.4, Firefox ESR \u003c 60.4, and Firefox \u003c 64.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-18492",
          "url": "https://www.suse.com/security/cve/CVE-2018-18492"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1112111 for CVE-2018-18492",
          "url": "https://bugzilla.suse.com/1112111"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1119105 for CVE-2018-18492",
          "url": "https://bugzilla.suse.com/1119105"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1121207 for CVE-2018-18492",
          "url": "https://bugzilla.suse.com/1121207"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-18492"
    },
    {
      "cve": "CVE-2018-18493",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-18493"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A buffer overflow can occur in the Skia library during buffer offset calculations with hardware accelerated canvas 2D actions due to the use of 32-bit calculations instead of 64-bit. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 60.4, Firefox ESR \u003c 60.4, and Firefox \u003c 64.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-18493",
          "url": "https://www.suse.com/security/cve/CVE-2018-18493"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1112111 for CVE-2018-18493",
          "url": "https://bugzilla.suse.com/1112111"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1119105 for CVE-2018-18493",
          "url": "https://bugzilla.suse.com/1119105"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1121207 for CVE-2018-18493",
          "url": "https://bugzilla.suse.com/1121207"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-18493"
    },
    {
      "cve": "CVE-2018-18494",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-18494"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A same-origin policy violation allowing the theft of cross-origin URL entries when using the Javascript location property to cause a redirection to another site using performance.getEntries(). This is a same-origin policy violation and could allow for data theft. This vulnerability affects Thunderbird \u003c 60.4, Firefox ESR \u003c 60.4, and Firefox \u003c 64.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-18494",
          "url": "https://www.suse.com/security/cve/CVE-2018-18494"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1112111 for CVE-2018-18494",
          "url": "https://bugzilla.suse.com/1112111"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1119105 for CVE-2018-18494",
          "url": "https://bugzilla.suse.com/1119105"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1121207 for CVE-2018-18494",
          "url": "https://bugzilla.suse.com/1121207"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-18494"
    },
    {
      "cve": "CVE-2018-18495",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-18495"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "WebExtension content scripts can be loaded into about: pages in some circumstances, in violation of the permissions granted to extensions. This could allow an extension to interfere with the loading and usage of these pages and use capabilities that were intended to be restricted from extensions. This vulnerability affects Firefox \u003c 64.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-18495",
          "url": "https://www.suse.com/security/cve/CVE-2018-18495"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1112111 for CVE-2018-18495",
          "url": "https://bugzilla.suse.com/1112111"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1119105 for CVE-2018-18495",
          "url": "https://bugzilla.suse.com/1119105"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-18495"
    },
    {
      "cve": "CVE-2018-18496",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-18496"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When the RSS Feed preview about:feeds page is framed within another page, it can be used in concert with scripted content for a clickjacking attack that confuses users into downloading and executing an executable file from a temporary directory. *Note: This issue only affects Windows operating systems. Other operating systems are not affected.*. This vulnerability affects Firefox \u003c 64.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-18496",
          "url": "https://www.suse.com/security/cve/CVE-2018-18496"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1119105 for CVE-2018-18496",
          "url": "https://bugzilla.suse.com/1119105"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-18496"
    },
    {
      "cve": "CVE-2018-18497",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-18497"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Limitations on the URIs allowed to WebExtensions by the browser.windows.create API can be bypassed when a pipe in the URL field is used within the extension to load multiple pages as a single argument. This could allow a malicious WebExtension to open privileged about: or file: locations. This vulnerability affects Firefox \u003c 64.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-18497",
          "url": "https://www.suse.com/security/cve/CVE-2018-18497"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1112111 for CVE-2018-18497",
          "url": "https://bugzilla.suse.com/1112111"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1119105 for CVE-2018-18497",
          "url": "https://bugzilla.suse.com/1119105"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-18497"
    },
    {
      "cve": "CVE-2018-18498",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-18498"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A potential vulnerability leading to an integer overflow can occur during buffer size calculations for images when a raw value is used instead of the checked value. This leads to a possible out-of-bounds write. This vulnerability affects Thunderbird \u003c 60.4, Firefox ESR \u003c 60.4, and Firefox \u003c 64.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-18498",
          "url": "https://www.suse.com/security/cve/CVE-2018-18498"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1112111 for CVE-2018-18498",
          "url": "https://bugzilla.suse.com/1112111"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1119105 for CVE-2018-18498",
          "url": "https://bugzilla.suse.com/1119105"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1121207 for CVE-2018-18498",
          "url": "https://bugzilla.suse.com/1121207"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-18498"
    },
    {
      "cve": "CVE-2018-18500",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-18500"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability can occur while parsing an HTML5 stream in concert with custom HTML elements. This results in the stream parser object being freed while still in use, leading to a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 60.5, Firefox ESR \u003c 60.5, and Firefox \u003c 65.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-18500",
          "url": "https://www.suse.com/security/cve/CVE-2018-18500"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1122983 for CVE-2018-18500",
          "url": "https://bugzilla.suse.com/1122983"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 986639 for CVE-2018-18500",
          "url": "https://bugzilla.suse.com/986639"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-18500"
    },
    {
      "cve": "CVE-2018-18501",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-18501"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers and community members reported memory safety bugs present in Firefox 64 and Firefox ESR 60.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 60.5, Firefox ESR \u003c 60.5, and Firefox \u003c 65.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-18501",
          "url": "https://www.suse.com/security/cve/CVE-2018-18501"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1122983 for CVE-2018-18501",
          "url": "https://bugzilla.suse.com/1122983"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 986639 for CVE-2018-18501",
          "url": "https://bugzilla.suse.com/986639"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-18501"
    },
    {
      "cve": "CVE-2018-18502",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-18502"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers and community members reported memory safety bugs present in Firefox 64. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 65.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-18502",
          "url": "https://www.suse.com/security/cve/CVE-2018-18502"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1122983 for CVE-2018-18502",
          "url": "https://bugzilla.suse.com/1122983"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 986639 for CVE-2018-18502",
          "url": "https://bugzilla.suse.com/986639"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-18502"
    },
    {
      "cve": "CVE-2018-18503",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-18503"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When JavaScript is used to create and manipulate an audio buffer, a potentially exploitable crash may occur because of a compartment mismatch in some situations. This vulnerability affects Firefox \u003c 65.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-18503",
          "url": "https://www.suse.com/security/cve/CVE-2018-18503"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1122983 for CVE-2018-18503",
          "url": "https://bugzilla.suse.com/1122983"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 986639 for CVE-2018-18503",
          "url": "https://bugzilla.suse.com/986639"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-18503"
    },
    {
      "cve": "CVE-2018-18504",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-18504"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A crash and out-of-bounds read can occur when the buffer of a texture client is freed while it is still in use during graphic operations. This results is a potentially exploitable crash and the possibility of reading from the memory of the freed buffers. This vulnerability affects Firefox \u003c 65.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-18504",
          "url": "https://www.suse.com/security/cve/CVE-2018-18504"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1122983 for CVE-2018-18504",
          "url": "https://bugzilla.suse.com/1122983"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 986639 for CVE-2018-18504",
          "url": "https://bugzilla.suse.com/986639"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-18504"
    },
    {
      "cve": "CVE-2018-18505",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-18505"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An earlier fix for an Inter-process Communication (IPC) vulnerability, CVE-2011-3079, added authentication to communication between IPC endpoints and server parents during IPC process creation. This authentication is insufficient for channels created after the IPC process is started, leading to the authentication not being correctly applied to later channels. This could allow for a sandbox escape through IPC channels due to lack of message validation in the listener process. This vulnerability affects Thunderbird \u003c 60.5, Firefox ESR \u003c 60.5, and Firefox \u003c 65.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-18505",
          "url": "https://www.suse.com/security/cve/CVE-2018-18505"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1122983 for CVE-2018-18505",
          "url": "https://bugzilla.suse.com/1122983"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 986639 for CVE-2018-18505",
          "url": "https://bugzilla.suse.com/986639"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-18505"
    },
    {
      "cve": "CVE-2018-18506",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-18506"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When proxy auto-detection is enabled, if a web server serves a Proxy Auto-Configuration (PAC) file or if a PAC file is loaded locally, this PAC file can specify that requests to the localhost are to be sent through the proxy to another server. This behavior is disallowed by default when a proxy is manually configured, but when enabled could allow for attacks on services and tools that bind to the localhost for networked behavior if they are accessed through browsing. This vulnerability affects Firefox \u003c 65.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-18506",
          "url": "https://www.suse.com/security/cve/CVE-2018-18506"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1122983 for CVE-2018-18506",
          "url": "https://bugzilla.suse.com/1122983"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1129821 for CVE-2018-18506",
          "url": "https://bugzilla.suse.com/1129821"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 986639 for CVE-2018-18506",
          "url": "https://bugzilla.suse.com/986639"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:L",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-18506"
    },
    {
      "cve": "CVE-2018-18511",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-18511"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Cross-origin images can be read from a canvas element in violation of the same-origin policy using the transferFromImageBitmap method. *Note: This only affects Firefox 65. Previous versions are unaffected.*. This vulnerability affects Firefox \u003c 65.0.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-18511",
          "url": "https://www.suse.com/security/cve/CVE-2018-18511"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1125330 for CVE-2018-18511",
          "url": "https://bugzilla.suse.com/1125330"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1125396 for CVE-2018-18511",
          "url": "https://bugzilla.suse.com/1125396"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1135824 for CVE-2018-18511",
          "url": "https://bugzilla.suse.com/1135824"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-18511"
    },
    {
      "cve": "CVE-2018-5089",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5089"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs were reported in Firefox 57 and Firefox ESR 52.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 52.6, Firefox ESR \u003c 52.6, and Firefox \u003c 58.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5089",
          "url": "https://www.suse.com/security/cve/CVE-2018-5089"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1077291 for CVE-2018-5089",
          "url": "https://bugzilla.suse.com/1077291"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5089"
    },
    {
      "cve": "CVE-2018-5090",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5090"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs were reported in Firefox 57. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 58.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5090",
          "url": "https://www.suse.com/security/cve/CVE-2018-5090"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1077291 for CVE-2018-5090",
          "url": "https://bugzilla.suse.com/1077291"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2018-5090"
    },
    {
      "cve": "CVE-2018-5091",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5091"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability can occur during WebRTC connections when interacting with the DTMF timers. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR \u003c 52.6 and Firefox \u003c 58.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5091",
          "url": "https://www.suse.com/security/cve/CVE-2018-5091"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1077291 for CVE-2018-5091",
          "url": "https://bugzilla.suse.com/1077291"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5091"
    },
    {
      "cve": "CVE-2018-5092",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5092"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability can occur when the thread for a Web Worker is freed from memory prematurely instead of from memory in the main thread while cancelling fetch operations. This vulnerability affects Firefox \u003c 58.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5092",
          "url": "https://www.suse.com/security/cve/CVE-2018-5092"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1077291 for CVE-2018-5092",
          "url": "https://bugzilla.suse.com/1077291"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5092"
    },
    {
      "cve": "CVE-2018-5093",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5093"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A heap buffer overflow vulnerability may occur in WebAssembly during Memory/Table resizing, resulting in a potentially exploitable crash. This vulnerability affects Firefox \u003c 58.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5093",
          "url": "https://www.suse.com/security/cve/CVE-2018-5093"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1077291 for CVE-2018-5093",
          "url": "https://bugzilla.suse.com/1077291"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-5093"
    },
    {
      "cve": "CVE-2018-5094",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5094"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A heap buffer overflow vulnerability may occur in WebAssembly when \"shrinkElements\" is called followed by garbage collection on memory that is now uninitialized. This results in a potentially exploitable crash. This vulnerability affects Firefox \u003c 58.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5094",
          "url": "https://www.suse.com/security/cve/CVE-2018-5094"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1077291 for CVE-2018-5094",
          "url": "https://bugzilla.suse.com/1077291"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-5094"
    },
    {
      "cve": "CVE-2018-5095",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5095"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An integer overflow vulnerability in the Skia library when allocating memory for edge builders on some systems with at least 8 GB of RAM. This results in the use of uninitialized memory, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.6, Firefox ESR \u003c 52.6, and Firefox \u003c 58.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5095",
          "url": "https://www.suse.com/security/cve/CVE-2018-5095"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1077291 for CVE-2018-5095",
          "url": "https://bugzilla.suse.com/1077291"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5095"
    },
    {
      "cve": "CVE-2018-5097",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5097"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability can occur during XSL transformations when the source document for the transformation is manipulated by script content during the transformation. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.6, Firefox ESR \u003c 52.6, and Firefox \u003c 58.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5097",
          "url": "https://www.suse.com/security/cve/CVE-2018-5097"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1077291 for CVE-2018-5097",
          "url": "https://bugzilla.suse.com/1077291"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5097"
    },
    {
      "cve": "CVE-2018-5098",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5098"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability can occur when form input elements, focus, and selections are manipulated by script content. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.6, Firefox ESR \u003c 52.6, and Firefox \u003c 58.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5098",
          "url": "https://www.suse.com/security/cve/CVE-2018-5098"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1077291 for CVE-2018-5098",
          "url": "https://bugzilla.suse.com/1077291"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5098"
    },
    {
      "cve": "CVE-2018-5099",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5099"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability can occur when the widget listener is holding strong references to browser objects that have previously been freed, resulting in a potentially exploitable crash when these references are used. This vulnerability affects Thunderbird \u003c 52.6, Firefox ESR \u003c 52.6, and Firefox \u003c 58.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5099",
          "url": "https://www.suse.com/security/cve/CVE-2018-5099"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1077291 for CVE-2018-5099",
          "url": "https://bugzilla.suse.com/1077291"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5099"
    },
    {
      "cve": "CVE-2018-5100",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5100"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability can occur when arguments passed to the \"IsPotentiallyScrollable\" function are freed while still in use by scripts. This results in a potentially exploitable crash. This vulnerability affects Firefox \u003c 58.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5100",
          "url": "https://www.suse.com/security/cve/CVE-2018-5100"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1077291 for CVE-2018-5100",
          "url": "https://bugzilla.suse.com/1077291"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-5100"
    },
    {
      "cve": "CVE-2018-5101",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5101"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability can occur when manipulating floating \"first-letter\" style elements, resulting in a potentially exploitable crash. This vulnerability affects Firefox \u003c 58.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5101",
          "url": "https://www.suse.com/security/cve/CVE-2018-5101"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1077291 for CVE-2018-5101",
          "url": "https://bugzilla.suse.com/1077291"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-5101"
    },
    {
      "cve": "CVE-2018-5102",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5102"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability can occur when manipulating HTML media elements with media streams, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.6, Firefox ESR \u003c 52.6, and Firefox \u003c 58.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5102",
          "url": "https://www.suse.com/security/cve/CVE-2018-5102"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1077291 for CVE-2018-5102",
          "url": "https://bugzilla.suse.com/1077291"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5102"
    },
    {
      "cve": "CVE-2018-5103",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5103"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability can occur during mouse event handling due to issues with multiprocess support. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.6, Firefox ESR \u003c 52.6, and Firefox \u003c 58.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5103",
          "url": "https://www.suse.com/security/cve/CVE-2018-5103"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1077291 for CVE-2018-5103",
          "url": "https://bugzilla.suse.com/1077291"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5103"
    },
    {
      "cve": "CVE-2018-5104",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5104"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability can occur during font face manipulation when a font face is freed while still in use, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.6, Firefox ESR \u003c 52.6, and Firefox \u003c 58.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5104",
          "url": "https://www.suse.com/security/cve/CVE-2018-5104"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1077291 for CVE-2018-5104",
          "url": "https://bugzilla.suse.com/1077291"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5104"
    },
    {
      "cve": "CVE-2018-5105",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5105"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "WebExtensions can bypass user prompts to first save and then open an arbitrarily downloaded file. This can result in an executable file running with local user privileges without explicit user consent. This vulnerability affects Firefox \u003c 58.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5105",
          "url": "https://www.suse.com/security/cve/CVE-2018-5105"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1077291 for CVE-2018-5105",
          "url": "https://bugzilla.suse.com/1077291"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5105"
    },
    {
      "cve": "CVE-2018-5106",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5106"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Style editor traffic in the Developer Tools can be routed through a service worker hosted on a third party website if a user selects error links when these tools are open. This can allow style editor information used within Developer Tools to leak cross-origin. This vulnerability affects Firefox \u003c 58.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5106",
          "url": "https://www.suse.com/security/cve/CVE-2018-5106"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1077291 for CVE-2018-5106",
          "url": "https://bugzilla.suse.com/1077291"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-5106"
    },
    {
      "cve": "CVE-2018-5107",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5107"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The printing process can bypass local access protections to read files available through symlinks, bypassing local file restrictions. The printing process requires files in a specific format so arbitrary data cannot be read but it is possible that some local file information could be exposed. This vulnerability affects Firefox \u003c 58.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5107",
          "url": "https://www.suse.com/security/cve/CVE-2018-5107"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1077291 for CVE-2018-5107",
          "url": "https://bugzilla.suse.com/1077291"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-5107"
    },
    {
      "cve": "CVE-2018-5108",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5108"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A Blob URL can violate origin attribute segregation, allowing it to be accessed from a private browsing tab and for data to be passed between the private browsing tab and a normal tab. This could allow for the leaking of private information specific to the private browsing context. This issue is mitigated by the requirement that the user enter the Blob URL manually in order for the access violation to occur. This vulnerability affects Firefox \u003c 58.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5108",
          "url": "https://www.suse.com/security/cve/CVE-2018-5108"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1077291 for CVE-2018-5108",
          "url": "https://bugzilla.suse.com/1077291"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-5108"
    },
    {
      "cve": "CVE-2018-5109",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5109"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An audio capture session can started under an incorrect origin from the site making the capture request. Users are still prompted to allow the request but the prompt can display the wrong origin, leading to user confusion about which site is making the request to capture an audio stream. This vulnerability affects Firefox \u003c 58.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5109",
          "url": "https://www.suse.com/security/cve/CVE-2018-5109"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1077291 for CVE-2018-5109",
          "url": "https://bugzilla.suse.com/1077291"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-5109"
    },
    {
      "cve": "CVE-2018-5110",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5110"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If cursor visibility is toggled by script using from \u0027none\u0027 to an image and back through script, the cursor will be rendered temporarily invisible within Firefox. Note: This vulnerability only affects OS X. Other operating systems are not affected. This vulnerability affects Firefox \u003c 58.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5110",
          "url": "https://www.suse.com/security/cve/CVE-2018-5110"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1077291 for CVE-2018-5110",
          "url": "https://bugzilla.suse.com/1077291"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-5110"
    },
    {
      "cve": "CVE-2018-5111",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5111"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When the text of a specially formatted URL is dragged to the addressbar from page content, the displayed URL can be spoofed to show a different site than the one loaded. This allows for phishing attacks where a malicious page can spoof the identify of another site. This vulnerability affects Firefox \u003c 58.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5111",
          "url": "https://www.suse.com/security/cve/CVE-2018-5111"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1077291 for CVE-2018-5111",
          "url": "https://bugzilla.suse.com/1077291"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-5111"
    },
    {
      "cve": "CVE-2018-5112",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5112"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Development Tools panels of an extension are required to load URLs for the panels as relative URLs from the extension manifest file but this requirement was not enforced in all instances. This could allow the development tools panel for the extension to load a URL that it should not be able to access, including potentially privileged pages. This vulnerability affects Firefox \u003c 58.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5112",
          "url": "https://www.suse.com/security/cve/CVE-2018-5112"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1077291 for CVE-2018-5112",
          "url": "https://bugzilla.suse.com/1077291"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-5112"
    },
    {
      "cve": "CVE-2018-5113",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5113"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The \"browser.identity.launchWebAuthFlow\" function of WebExtensions is only allowed to load content over \"https:\" but this requirement was not properly enforced. This can potentially allow privileged pages to be loaded by the extension. This vulnerability affects Firefox \u003c 58.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5113",
          "url": "https://www.suse.com/security/cve/CVE-2018-5113"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1077291 for CVE-2018-5113",
          "url": "https://bugzilla.suse.com/1077291"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-5113"
    },
    {
      "cve": "CVE-2018-5114",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5114"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If an existing cookie is changed to be \"HttpOnly\" while a document is open, the original value remains accessible through script until that document is closed. Network requests correctly use the changed HttpOnly cookie. This vulnerability affects Firefox \u003c 58.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5114",
          "url": "https://www.suse.com/security/cve/CVE-2018-5114"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1077291 for CVE-2018-5114",
          "url": "https://bugzilla.suse.com/1077291"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-5114"
    },
    {
      "cve": "CVE-2018-5115",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5115"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If an HTTP authentication prompt is triggered by a background network request from a page or extension, it is displayed over the currently loaded foreground page. Although the prompt contains the real domain making the request, this can result in user confusion about the originating site of the authentication request and may cause users to mistakenly send private credential information to a third party site. This vulnerability affects Firefox \u003c 58.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5115",
          "url": "https://www.suse.com/security/cve/CVE-2018-5115"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1077291 for CVE-2018-5115",
          "url": "https://bugzilla.suse.com/1077291"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-5115"
    },
    {
      "cve": "CVE-2018-5116",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5116"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "WebExtensions with the \"ActiveTab\" permission are able to access frames hosted within the active tab even if the frames are cross-origin. Malicious extensions can inject frames from arbitrary origins into the loaded page and then interact with them, bypassing same-origin user expectations with this permission. This vulnerability affects Firefox \u003c 58.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5116",
          "url": "https://www.suse.com/security/cve/CVE-2018-5116"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1077291 for CVE-2018-5116",
          "url": "https://bugzilla.suse.com/1077291"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5116"
    },
    {
      "cve": "CVE-2018-5117",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5117"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If right-to-left text is used in the addressbar with left-to-right alignment, it is possible in some circumstances to scroll this text to spoof the displayed URL. This issue could result in the wrong URL being displayed as a location, which can mislead users to believe they are on a different site than the one loaded. This vulnerability affects Thunderbird \u003c 52.6, Firefox ESR \u003c 52.6, and Firefox \u003c 58.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5117",
          "url": "https://www.suse.com/security/cve/CVE-2018-5117"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1077291 for CVE-2018-5117",
          "url": "https://bugzilla.suse.com/1077291"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-5117"
    },
    {
      "cve": "CVE-2018-5118",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5118"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The screenshot images displayed in the Activity Stream page displayed when a new tab is opened is created from the meta tags of websites. An issue was discovered where the page could attempt to create these images through \"file:\" URLs from the local file system. This loading is blocked by the sandbox but could expose local data if combined with another attack that escapes sandbox protections. This vulnerability affects Firefox \u003c 58.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5118",
          "url": "https://www.suse.com/security/cve/CVE-2018-5118"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1077291 for CVE-2018-5118",
          "url": "https://bugzilla.suse.com/1077291"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-5118"
    },
    {
      "cve": "CVE-2018-5119",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5119"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The reader view will display cross-origin content when CORS headers are set to prohibit the loading of cross-origin content by a site. This could allow access to content that should be restricted in reader view. This vulnerability affects Firefox \u003c 58.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5119",
          "url": "https://www.suse.com/security/cve/CVE-2018-5119"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1077291 for CVE-2018-5119",
          "url": "https://bugzilla.suse.com/1077291"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-5119"
    },
    {
      "cve": "CVE-2018-5121",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5121"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Low descenders on some Tibetan characters in several fonts on OS X are clipped when rendered in the addressbar. When used as part of an Internationalized Domain Name (IDN) this can be used for domain name spoofing attacks. Note: This attack only affects OS X operating systems. Other operating systems are unaffected. This vulnerability affects Firefox \u003c 58.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5121",
          "url": "https://www.suse.com/security/cve/CVE-2018-5121"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1077291 for CVE-2018-5121",
          "url": "https://bugzilla.suse.com/1077291"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-5121"
    },
    {
      "cve": "CVE-2018-5122",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5122"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A potential integer overflow in the \"DoCrypt\" function of WebCrypto was identified. If a means was found of exploiting it, it could result in an out-of-bounds write. This vulnerability affects Firefox \u003c 58.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5122",
          "url": "https://www.suse.com/security/cve/CVE-2018-5122"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1077291 for CVE-2018-5122",
          "url": "https://bugzilla.suse.com/1077291"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5122"
    },
    {
      "cve": "CVE-2018-5125",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5125"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs were reported in Firefox 58 and Firefox ESR 52.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 52.7, Firefox ESR \u003c 52.7, and Firefox \u003c 59.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5125",
          "url": "https://www.suse.com/security/cve/CVE-2018-5125"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1085130 for CVE-2018-5125",
          "url": "https://bugzilla.suse.com/1085130"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5125"
    },
    {
      "cve": "CVE-2018-5126",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5126"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs were reported in Firefox 58. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 59.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5126",
          "url": "https://www.suse.com/security/cve/CVE-2018-5126"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1085130 for CVE-2018-5126",
          "url": "https://bugzilla.suse.com/1085130"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5126"
    },
    {
      "cve": "CVE-2018-5127",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5127"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A buffer overflow can occur when manipulating the SVG \"animatedPathSegList\" through script. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.7, Firefox ESR \u003c 52.7, and Firefox \u003c 59.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5127",
          "url": "https://www.suse.com/security/cve/CVE-2018-5127"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1085130 for CVE-2018-5127",
          "url": "https://bugzilla.suse.com/1085130"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5127"
    },
    {
      "cve": "CVE-2018-5128",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5128"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability can occur when manipulating elements, events, and selection ranges during editor operations. This results in a potentially exploitable crash. This vulnerability affects Firefox \u003c 59.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5128",
          "url": "https://www.suse.com/security/cve/CVE-2018-5128"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1085130 for CVE-2018-5128",
          "url": "https://bugzilla.suse.com/1085130"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5128"
    },
    {
      "cve": "CVE-2018-5129",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5129"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A lack of parameter validation on IPC messages results in a potential out-of-bounds write through malformed IPC messages. This can potentially allow for sandbox escape through memory corruption in the parent process. This vulnerability affects Thunderbird \u003c 52.7, Firefox ESR \u003c 52.7, and Firefox \u003c 59.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5129",
          "url": "https://www.suse.com/security/cve/CVE-2018-5129"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1085130 for CVE-2018-5129",
          "url": "https://bugzilla.suse.com/1085130"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5129"
    },
    {
      "cve": "CVE-2018-5130",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5130"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When packets with a mismatched RTP payload type are sent in WebRTC connections, in some circumstances a potentially exploitable crash is triggered. This vulnerability affects Firefox ESR \u003c 52.7 and Firefox \u003c 59.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5130",
          "url": "https://www.suse.com/security/cve/CVE-2018-5130"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1085130 for CVE-2018-5130",
          "url": "https://bugzilla.suse.com/1085130"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5130"
    },
    {
      "cve": "CVE-2018-5131",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5131"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Under certain circumstances the \"fetch()\" API can return transient local copies of resources that were sent with a \"no-store\" or \"no-cache\" cache header instead of downloading a copy from the network as it should. This can result in previously stored, locally cached data of a website being accessible to users if they share a common profile while browsing. This vulnerability affects Firefox ESR \u003c 52.7 and Firefox \u003c 59.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5131",
          "url": "https://www.suse.com/security/cve/CVE-2018-5131"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1085130 for CVE-2018-5131",
          "url": "https://bugzilla.suse.com/1085130"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-5131"
    },
    {
      "cve": "CVE-2018-5132",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5132"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Find API for WebExtensions can search some privileged pages, such as \"about:debugging\", if these pages are open in a tab. This could allow a malicious WebExtension to search for otherwise protected data if a user has it open. This vulnerability affects Firefox \u003c 59.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5132",
          "url": "https://www.suse.com/security/cve/CVE-2018-5132"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1085130 for CVE-2018-5132",
          "url": "https://bugzilla.suse.com/1085130"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-5132"
    },
    {
      "cve": "CVE-2018-5133",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5133"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If the \"app.support.baseURL\" preference is changed by a malicious local program to contain HTML and script content, this content is not sanitized. It will be executed if a user loads \"chrome://browser/content/preferences/in-content/preferences.xul\" directly in a tab and executes a search. This stored preference is also executed whenever an EME video player plugin displays a CDM-disabled message as a notification message. This vulnerability affects Firefox \u003c 59.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5133",
          "url": "https://www.suse.com/security/cve/CVE-2018-5133"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1085130 for CVE-2018-5133",
          "url": "https://bugzilla.suse.com/1085130"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-5133"
    },
    {
      "cve": "CVE-2018-5134",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5134"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "WebExtensions may use \"view-source:\" URLs to view local \"file:\" URL content, as well as content stored in \"about:cache\", bypassing restrictions that only allow WebExtensions to view specific content. This vulnerability affects Firefox \u003c 59.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5134",
          "url": "https://www.suse.com/security/cve/CVE-2018-5134"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1085130 for CVE-2018-5134",
          "url": "https://bugzilla.suse.com/1085130"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-5134"
    },
    {
      "cve": "CVE-2018-5135",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5135"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "WebExtensions can bypass normal restrictions in some circumstances and use \"browser.tabs.executeScript\" to inject scripts into contexts where this should not be allowed, such as pages from other WebExtensions or unprivileged \"about:\" pages. This vulnerability affects Firefox \u003c 59.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5135",
          "url": "https://www.suse.com/security/cve/CVE-2018-5135"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1085130 for CVE-2018-5135",
          "url": "https://bugzilla.suse.com/1085130"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-5135"
    },
    {
      "cve": "CVE-2018-5136",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5136"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A shared worker created from a \"data:\" URL in one tab can be shared by another tab with a different origin, bypassing the same-origin policy. This vulnerability affects Firefox \u003c 59.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5136",
          "url": "https://www.suse.com/security/cve/CVE-2018-5136"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1085130 for CVE-2018-5136",
          "url": "https://bugzilla.suse.com/1085130"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-5136"
    },
    {
      "cve": "CVE-2018-5137",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5137"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A legacy extension\u0027s non-contentaccessible, defined resources can be loaded by an arbitrary web page through script. This script does this by using a maliciously crafted path string to reference the resources. Note: this vulnerability does not affect WebExtensions. This vulnerability affects Firefox \u003c 59.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5137",
          "url": "https://www.suse.com/security/cve/CVE-2018-5137"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1085130 for CVE-2018-5137",
          "url": "https://bugzilla.suse.com/1085130"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-5137"
    },
    {
      "cve": "CVE-2018-5138",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5138"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A spoofing vulnerability can occur when a malicious site with an extremely long domain name is opened in an Android Custom Tab (a browser panel inside another app) and the default browser is Firefox for Android. This could allow an attacker to spoof which page is actually loaded and in use. Note: this issue only affects Firefox for Android. Other versions and operating systems are unaffected. This vulnerability affects Firefox \u003c 59.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5138",
          "url": "https://www.suse.com/security/cve/CVE-2018-5138"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1085130 for CVE-2018-5138",
          "url": "https://bugzilla.suse.com/1085130"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-5138"
    },
    {
      "cve": "CVE-2018-5140",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5140"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Image for moz-icons can be accessed through the \"moz-icon:\" protocol through script in web content even when otherwise prohibited. This could allow for information leakage of which applications are associated with specific MIME types by a malicious page. This vulnerability affects Firefox \u003c 59.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5140",
          "url": "https://www.suse.com/security/cve/CVE-2018-5140"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1085130 for CVE-2018-5140",
          "url": "https://bugzilla.suse.com/1085130"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-5140"
    },
    {
      "cve": "CVE-2018-5141",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5141"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability in the notifications Push API where notifications can be sent through service workers by web content without direct user interaction. This could be used to open new tabs in a denial of service (DOS) attack or to display unwanted content from arbitrary URLs to users. This vulnerability affects Firefox \u003c 59.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5141",
          "url": "https://www.suse.com/security/cve/CVE-2018-5141"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1085130 for CVE-2018-5141",
          "url": "https://bugzilla.suse.com/1085130"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-5141"
    },
    {
      "cve": "CVE-2018-5142",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5142"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If Media Capture and Streams API permission is requested from documents with \"data:\" or \"blob:\" URLs, the permission notifications do not properly display the originating domain. The notification states \"Unknown protocol\" as the requestee, leading to user confusion about which site is asking for this permission. This vulnerability affects Firefox \u003c 59.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5142",
          "url": "https://www.suse.com/security/cve/CVE-2018-5142"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1085130 for CVE-2018-5142",
          "url": "https://bugzilla.suse.com/1085130"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5142"
    },
    {
      "cve": "CVE-2018-5143",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5143"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "URLs using \"javascript:\" have the protocol removed when pasted into the addressbar to protect users from cross-site scripting (XSS) attacks, but if a tab character is embedded in the \"javascript:\" URL the protocol is not removed and the script will execute. This could allow users to be socially engineered to run an XSS attack against themselves. This vulnerability affects Firefox \u003c 59.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5143",
          "url": "https://www.suse.com/security/cve/CVE-2018-5143"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1085130 for CVE-2018-5143",
          "url": "https://bugzilla.suse.com/1085130"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5143"
    },
    {
      "cve": "CVE-2018-5146",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5146"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own contest. This vulnerability affects Firefox \u003c 59.0.1, Firefox ESR \u003c 52.7.2, and Thunderbird \u003c 52.7.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5146",
          "url": "https://www.suse.com/security/cve/CVE-2018-5146"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1085671 for CVE-2018-5146",
          "url": "https://bugzilla.suse.com/1085671"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1085687 for CVE-2018-5146",
          "url": "https://bugzilla.suse.com/1085687"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1180395 for CVE-2018-5146",
          "url": "https://bugzilla.suse.com/1180395"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5146"
    },
    {
      "cve": "CVE-2018-5147",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5147"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The libtremor library has the same flaw as CVE-2018-5146. This library is used by Firefox in place of libvorbis on Android and ARM platforms. This vulnerability affects Firefox ESR \u003c 52.7.2 and Firefox \u003c 59.0.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5147",
          "url": "https://www.suse.com/security/cve/CVE-2018-5147"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1085671 for CVE-2018-5147",
          "url": "https://bugzilla.suse.com/1085671"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1085687 for CVE-2018-5147",
          "url": "https://bugzilla.suse.com/1085687"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5147"
    },
    {
      "cve": "CVE-2018-5148",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5148"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability can occur in the compositor during certain graphics operations when a raw pointer is used instead of a reference counted one. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR \u003c 52.7.3 and Firefox \u003c 59.0.2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5148",
          "url": "https://www.suse.com/security/cve/CVE-2018-5148"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1087059 for CVE-2018-5148",
          "url": "https://bugzilla.suse.com/1087059"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5148"
    },
    {
      "cve": "CVE-2018-5150",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5150"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and Thunderbird 52.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5150",
          "url": "https://www.suse.com/security/cve/CVE-2018-5150"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092548 for CVE-2018-5150",
          "url": "https://bugzilla.suse.com/1092548"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092611 for CVE-2018-5150",
          "url": "https://bugzilla.suse.com/1092611"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093969 for CVE-2018-5150",
          "url": "https://bugzilla.suse.com/1093969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093970 for CVE-2018-5150",
          "url": "https://bugzilla.suse.com/1093970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093971 for CVE-2018-5150",
          "url": "https://bugzilla.suse.com/1093971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093972 for CVE-2018-5150",
          "url": "https://bugzilla.suse.com/1093972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093973 for CVE-2018-5150",
          "url": "https://bugzilla.suse.com/1093973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5150"
    },
    {
      "cve": "CVE-2018-5151",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5151"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs were reported in Firefox 59. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 60.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5151",
          "url": "https://www.suse.com/security/cve/CVE-2018-5151"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092548 for CVE-2018-5151",
          "url": "https://bugzilla.suse.com/1092548"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092611 for CVE-2018-5151",
          "url": "https://bugzilla.suse.com/1092611"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093969 for CVE-2018-5151",
          "url": "https://bugzilla.suse.com/1093969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093970 for CVE-2018-5151",
          "url": "https://bugzilla.suse.com/1093970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093971 for CVE-2018-5151",
          "url": "https://bugzilla.suse.com/1093971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093972 for CVE-2018-5151",
          "url": "https://bugzilla.suse.com/1093972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093973 for CVE-2018-5151",
          "url": "https://bugzilla.suse.com/1093973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5151"
    },
    {
      "cve": "CVE-2018-5152",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5152"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "WebExtensions with the appropriate permissions can attach content scripts to Mozilla sites such as accounts.firefox.com and listen to network traffic to the site through the \"webRequest\" API. For example, this allows for the interception of username and an encrypted password during login to Firefox Accounts. This issue does not expose synchronization traffic directly and is limited to the process of user login to the website and the data displayed to the user once logged in. This vulnerability affects Firefox \u003c 60.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5152",
          "url": "https://www.suse.com/security/cve/CVE-2018-5152"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092548 for CVE-2018-5152",
          "url": "https://bugzilla.suse.com/1092548"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092611 for CVE-2018-5152",
          "url": "https://bugzilla.suse.com/1092611"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093969 for CVE-2018-5152",
          "url": "https://bugzilla.suse.com/1093969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093970 for CVE-2018-5152",
          "url": "https://bugzilla.suse.com/1093970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093971 for CVE-2018-5152",
          "url": "https://bugzilla.suse.com/1093971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093972 for CVE-2018-5152",
          "url": "https://bugzilla.suse.com/1093972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093973 for CVE-2018-5152",
          "url": "https://bugzilla.suse.com/1093973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5152"
    },
    {
      "cve": "CVE-2018-5153",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5153"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If websocket data is sent with mixed text and binary in a single message, the binary data can be corrupted. This can result in an out-of-bounds read with the read memory sent to the originating server in response. This vulnerability affects Firefox \u003c 60.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5153",
          "url": "https://www.suse.com/security/cve/CVE-2018-5153"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092548 for CVE-2018-5153",
          "url": "https://bugzilla.suse.com/1092548"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092611 for CVE-2018-5153",
          "url": "https://bugzilla.suse.com/1092611"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093969 for CVE-2018-5153",
          "url": "https://bugzilla.suse.com/1093969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093970 for CVE-2018-5153",
          "url": "https://bugzilla.suse.com/1093970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093971 for CVE-2018-5153",
          "url": "https://bugzilla.suse.com/1093971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093972 for CVE-2018-5153",
          "url": "https://bugzilla.suse.com/1093972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093973 for CVE-2018-5153",
          "url": "https://bugzilla.suse.com/1093973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5153"
    },
    {
      "cve": "CVE-2018-5154",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5154"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability can occur while enumerating attributes during SVG animations with clip paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5154",
          "url": "https://www.suse.com/security/cve/CVE-2018-5154"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092548 for CVE-2018-5154",
          "url": "https://bugzilla.suse.com/1092548"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092611 for CVE-2018-5154",
          "url": "https://bugzilla.suse.com/1092611"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093969 for CVE-2018-5154",
          "url": "https://bugzilla.suse.com/1093969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093970 for CVE-2018-5154",
          "url": "https://bugzilla.suse.com/1093970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093971 for CVE-2018-5154",
          "url": "https://bugzilla.suse.com/1093971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093972 for CVE-2018-5154",
          "url": "https://bugzilla.suse.com/1093972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093973 for CVE-2018-5154",
          "url": "https://bugzilla.suse.com/1093973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5154"
    },
    {
      "cve": "CVE-2018-5155",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5155"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability can occur while adjusting layout during SVG animations with text paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5155",
          "url": "https://www.suse.com/security/cve/CVE-2018-5155"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092548 for CVE-2018-5155",
          "url": "https://bugzilla.suse.com/1092548"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092611 for CVE-2018-5155",
          "url": "https://bugzilla.suse.com/1092611"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093969 for CVE-2018-5155",
          "url": "https://bugzilla.suse.com/1093969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093970 for CVE-2018-5155",
          "url": "https://bugzilla.suse.com/1093970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093971 for CVE-2018-5155",
          "url": "https://bugzilla.suse.com/1093971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093972 for CVE-2018-5155",
          "url": "https://bugzilla.suse.com/1093972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093973 for CVE-2018-5155",
          "url": "https://bugzilla.suse.com/1093973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5155"
    },
    {
      "cve": "CVE-2018-5156",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5156"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability can occur when capturing a media stream when the media source type is changed as the capture is occurring. This can result in stream data being cast to the wrong type causing a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 60, Firefox ESR \u003c 60.1, Firefox ESR \u003c 52.9, and Firefox \u003c 61.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5156",
          "url": "https://www.suse.com/security/cve/CVE-2018-5156"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1098998 for CVE-2018-5156",
          "url": "https://bugzilla.suse.com/1098998"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5156"
    },
    {
      "cve": "CVE-2018-5157",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5157"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Same-origin protections for the PDF viewer can be bypassed, allowing a malicious site to intercept messages meant for the viewer. This could allow the site to retrieve PDF files restricted to viewing by an authenticated user on a third-party website. This vulnerability affects Firefox ESR \u003c 52.8 and Firefox \u003c 60.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5157",
          "url": "https://www.suse.com/security/cve/CVE-2018-5157"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092548 for CVE-2018-5157",
          "url": "https://bugzilla.suse.com/1092548"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092611 for CVE-2018-5157",
          "url": "https://bugzilla.suse.com/1092611"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093969 for CVE-2018-5157",
          "url": "https://bugzilla.suse.com/1093969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093970 for CVE-2018-5157",
          "url": "https://bugzilla.suse.com/1093970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093971 for CVE-2018-5157",
          "url": "https://bugzilla.suse.com/1093971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093972 for CVE-2018-5157",
          "url": "https://bugzilla.suse.com/1093972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093973 for CVE-2018-5157",
          "url": "https://bugzilla.suse.com/1093973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5157"
    },
    {
      "cve": "CVE-2018-5158",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5158"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. This JavaScript can then be run with the permissions of the PDF viewer by its worker. This vulnerability affects Firefox ESR \u003c 52.8 and Firefox \u003c 60.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5158",
          "url": "https://www.suse.com/security/cve/CVE-2018-5158"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092548 for CVE-2018-5158",
          "url": "https://bugzilla.suse.com/1092548"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092611 for CVE-2018-5158",
          "url": "https://bugzilla.suse.com/1092611"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093969 for CVE-2018-5158",
          "url": "https://bugzilla.suse.com/1093969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093970 for CVE-2018-5158",
          "url": "https://bugzilla.suse.com/1093970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093971 for CVE-2018-5158",
          "url": "https://bugzilla.suse.com/1093971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093972 for CVE-2018-5158",
          "url": "https://bugzilla.suse.com/1093972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093973 for CVE-2018-5158",
          "url": "https://bugzilla.suse.com/1093973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5158"
    },
    {
      "cve": "CVE-2018-5159",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5159"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An integer overflow can occur in the Skia library due to 32-bit integer use in an array without integer overflow checks, resulting in possible out-of-bounds writes. This could lead to a potentially exploitable crash triggerable by web content. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5159",
          "url": "https://www.suse.com/security/cve/CVE-2018-5159"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092548 for CVE-2018-5159",
          "url": "https://bugzilla.suse.com/1092548"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092611 for CVE-2018-5159",
          "url": "https://bugzilla.suse.com/1092611"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093969 for CVE-2018-5159",
          "url": "https://bugzilla.suse.com/1093969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093970 for CVE-2018-5159",
          "url": "https://bugzilla.suse.com/1093970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093971 for CVE-2018-5159",
          "url": "https://bugzilla.suse.com/1093971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093972 for CVE-2018-5159",
          "url": "https://bugzilla.suse.com/1093972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093973 for CVE-2018-5159",
          "url": "https://bugzilla.suse.com/1093973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5159"
    },
    {
      "cve": "CVE-2018-5160",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5160"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "WebRTC can use a \"WrappedI420Buffer\" pixel buffer but the owning image object can be freed while it is still in use. This can result in the WebRTC encoder using uninitialized memory, leading to a potentially exploitable crash. This vulnerability affects Firefox \u003c 60.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5160",
          "url": "https://www.suse.com/security/cve/CVE-2018-5160"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092548 for CVE-2018-5160",
          "url": "https://bugzilla.suse.com/1092548"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092611 for CVE-2018-5160",
          "url": "https://bugzilla.suse.com/1092611"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093969 for CVE-2018-5160",
          "url": "https://bugzilla.suse.com/1093969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093970 for CVE-2018-5160",
          "url": "https://bugzilla.suse.com/1093970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093971 for CVE-2018-5160",
          "url": "https://bugzilla.suse.com/1093971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093972 for CVE-2018-5160",
          "url": "https://bugzilla.suse.com/1093972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093973 for CVE-2018-5160",
          "url": "https://bugzilla.suse.com/1093973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5160"
    },
    {
      "cve": "CVE-2018-5163",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5163"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If a malicious attacker has used another vulnerability to gain full control over a content process, they may be able to replace the alternate data resources stored in the JavaScript Start-up Bytecode Cache (JSBC) for other JavaScript code. If the parent process then runs this replaced code, the executed script would be run with the parent process\u0027 privileges, escaping the sandbox on content processes. This vulnerability affects Firefox \u003c 60.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5163",
          "url": "https://www.suse.com/security/cve/CVE-2018-5163"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092548 for CVE-2018-5163",
          "url": "https://bugzilla.suse.com/1092548"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092611 for CVE-2018-5163",
          "url": "https://bugzilla.suse.com/1092611"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093969 for CVE-2018-5163",
          "url": "https://bugzilla.suse.com/1093969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093970 for CVE-2018-5163",
          "url": "https://bugzilla.suse.com/1093970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093971 for CVE-2018-5163",
          "url": "https://bugzilla.suse.com/1093971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093972 for CVE-2018-5163",
          "url": "https://bugzilla.suse.com/1093972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093973 for CVE-2018-5163",
          "url": "https://bugzilla.suse.com/1093973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5163"
    },
    {
      "cve": "CVE-2018-5164",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5164"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Content Security Policy (CSP) is not applied correctly to all parts of multipart content sent with the \"multipart/x-mixed-replace\" MIME type. This could allow for script to run where CSP should block it, allowing for cross-site scripting (XSS) and other attacks. This vulnerability affects Firefox \u003c 60.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5164",
          "url": "https://www.suse.com/security/cve/CVE-2018-5164"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092548 for CVE-2018-5164",
          "url": "https://bugzilla.suse.com/1092548"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092611 for CVE-2018-5164",
          "url": "https://bugzilla.suse.com/1092611"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093969 for CVE-2018-5164",
          "url": "https://bugzilla.suse.com/1093969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093970 for CVE-2018-5164",
          "url": "https://bugzilla.suse.com/1093970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093971 for CVE-2018-5164",
          "url": "https://bugzilla.suse.com/1093971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093972 for CVE-2018-5164",
          "url": "https://bugzilla.suse.com/1093972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093973 for CVE-2018-5164",
          "url": "https://bugzilla.suse.com/1093973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5164"
    },
    {
      "cve": "CVE-2018-5165",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5165"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In 32-bit versions of Firefox, the Adobe Flash plugin setting for \"Enable Adobe Flash protected mode\" is unchecked by default even though the Adobe Flash sandbox is actually enabled. The displayed state is the reverse of the true setting, resulting in user confusion. This could cause users to select this setting intending to activate it and inadvertently turn protections off. This vulnerability affects Firefox \u003c 60.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5165",
          "url": "https://www.suse.com/security/cve/CVE-2018-5165"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092548 for CVE-2018-5165",
          "url": "https://bugzilla.suse.com/1092548"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092611 for CVE-2018-5165",
          "url": "https://bugzilla.suse.com/1092611"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093969 for CVE-2018-5165",
          "url": "https://bugzilla.suse.com/1093969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093970 for CVE-2018-5165",
          "url": "https://bugzilla.suse.com/1093970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093971 for CVE-2018-5165",
          "url": "https://bugzilla.suse.com/1093971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093972 for CVE-2018-5165",
          "url": "https://bugzilla.suse.com/1093972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093973 for CVE-2018-5165",
          "url": "https://bugzilla.suse.com/1093973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5165"
    },
    {
      "cve": "CVE-2018-5166",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5166"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "WebExtensions can use request redirection and a \"filterReponseData\" filter to bypass host permission settings to redirect network traffic and access content from a host for which they do not have explicit user permission. This vulnerability affects Firefox \u003c 60.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5166",
          "url": "https://www.suse.com/security/cve/CVE-2018-5166"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092548 for CVE-2018-5166",
          "url": "https://bugzilla.suse.com/1092548"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092611 for CVE-2018-5166",
          "url": "https://bugzilla.suse.com/1092611"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093969 for CVE-2018-5166",
          "url": "https://bugzilla.suse.com/1093969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093970 for CVE-2018-5166",
          "url": "https://bugzilla.suse.com/1093970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093971 for CVE-2018-5166",
          "url": "https://bugzilla.suse.com/1093971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093972 for CVE-2018-5166",
          "url": "https://bugzilla.suse.com/1093972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093973 for CVE-2018-5166",
          "url": "https://bugzilla.suse.com/1093973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5166"
    },
    {
      "cve": "CVE-2018-5167",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5167"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The web console and JavaScript debugger do not sanitize all output that can be hyperlinked. Both will display \"chrome:\" links as active, clickable hyperlinks in their output. Web sites should not be able to directly link to internal chrome pages. Additionally, the JavaScript debugger will display \"javascript:\" links, which users could be tricked into clicking by malicious sites. This vulnerability affects Firefox \u003c 60.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5167",
          "url": "https://www.suse.com/security/cve/CVE-2018-5167"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092548 for CVE-2018-5167",
          "url": "https://bugzilla.suse.com/1092548"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092611 for CVE-2018-5167",
          "url": "https://bugzilla.suse.com/1092611"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093969 for CVE-2018-5167",
          "url": "https://bugzilla.suse.com/1093969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093970 for CVE-2018-5167",
          "url": "https://bugzilla.suse.com/1093970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093971 for CVE-2018-5167",
          "url": "https://bugzilla.suse.com/1093971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093972 for CVE-2018-5167",
          "url": "https://bugzilla.suse.com/1093972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093973 for CVE-2018-5167",
          "url": "https://bugzilla.suse.com/1093973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5167"
    },
    {
      "cve": "CVE-2018-5168",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5168"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Sites can bypass security checks on permissions to install lightweight themes by manipulating the \"baseURI\" property of the theme element. This could allow a malicious site to install a theme without user interaction which could contain offensive or embarrassing images. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5168",
          "url": "https://www.suse.com/security/cve/CVE-2018-5168"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092548 for CVE-2018-5168",
          "url": "https://bugzilla.suse.com/1092548"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092611 for CVE-2018-5168",
          "url": "https://bugzilla.suse.com/1092611"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093969 for CVE-2018-5168",
          "url": "https://bugzilla.suse.com/1093969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093970 for CVE-2018-5168",
          "url": "https://bugzilla.suse.com/1093970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093971 for CVE-2018-5168",
          "url": "https://bugzilla.suse.com/1093971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093972 for CVE-2018-5168",
          "url": "https://bugzilla.suse.com/1093972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093973 for CVE-2018-5168",
          "url": "https://bugzilla.suse.com/1093973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5168"
    },
    {
      "cve": "CVE-2018-5169",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5169"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If manipulated hyperlinked text with \"chrome:\" URL contained in it is dragged and dropped on the \"home\" icon, the home page can be reset to include a normally-unlinkable chrome page as one of the home page tabs. This vulnerability affects Firefox \u003c 60.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5169",
          "url": "https://www.suse.com/security/cve/CVE-2018-5169"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092548 for CVE-2018-5169",
          "url": "https://bugzilla.suse.com/1092548"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092611 for CVE-2018-5169",
          "url": "https://bugzilla.suse.com/1092611"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093969 for CVE-2018-5169",
          "url": "https://bugzilla.suse.com/1093969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093970 for CVE-2018-5169",
          "url": "https://bugzilla.suse.com/1093970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093971 for CVE-2018-5169",
          "url": "https://bugzilla.suse.com/1093971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093972 for CVE-2018-5169",
          "url": "https://bugzilla.suse.com/1093972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093973 for CVE-2018-5169",
          "url": "https://bugzilla.suse.com/1093973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5169"
    },
    {
      "cve": "CVE-2018-5172",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5172"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Live Bookmarks page and the PDF viewer can run injected script content if a user pastes script from the clipboard into them while viewing RSS feeds or PDF files. This could allow a malicious site to socially engineer a user to copy and paste malicious script content that could then run with the context of either page but does not allow for privilege escalation. This vulnerability affects Firefox \u003c 60.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5172",
          "url": "https://www.suse.com/security/cve/CVE-2018-5172"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092548 for CVE-2018-5172",
          "url": "https://bugzilla.suse.com/1092548"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092611 for CVE-2018-5172",
          "url": "https://bugzilla.suse.com/1092611"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093969 for CVE-2018-5172",
          "url": "https://bugzilla.suse.com/1093969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093970 for CVE-2018-5172",
          "url": "https://bugzilla.suse.com/1093970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093971 for CVE-2018-5172",
          "url": "https://bugzilla.suse.com/1093971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093972 for CVE-2018-5172",
          "url": "https://bugzilla.suse.com/1093972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093973 for CVE-2018-5172",
          "url": "https://bugzilla.suse.com/1093973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5172"
    },
    {
      "cve": "CVE-2018-5173",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5173"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The filename appearing in the \"Downloads\" panel improperly renders some Unicode characters, allowing for the file name to be spoofed. This can be used to obscure the file extension of potentially executable files from user view in the panel. Note: the dialog to open the file will show the full, correct filename and whether it is executable or not. This vulnerability affects Firefox \u003c 60.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5173",
          "url": "https://www.suse.com/security/cve/CVE-2018-5173"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092548 for CVE-2018-5173",
          "url": "https://bugzilla.suse.com/1092548"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092611 for CVE-2018-5173",
          "url": "https://bugzilla.suse.com/1092611"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093969 for CVE-2018-5173",
          "url": "https://bugzilla.suse.com/1093969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093970 for CVE-2018-5173",
          "url": "https://bugzilla.suse.com/1093970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093971 for CVE-2018-5173",
          "url": "https://bugzilla.suse.com/1093971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093972 for CVE-2018-5173",
          "url": "https://bugzilla.suse.com/1093972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093973 for CVE-2018-5173",
          "url": "https://bugzilla.suse.com/1093973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5173"
    },
    {
      "cve": "CVE-2018-5174",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5174"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Windows 10 April 2018 Update, Windows Defender SmartScreen honors the \"SEE_MASK_FLAG_NO_UI\" flag associated with downloaded files and will not show any UI. Files that are unknown and potentially dangerous will be allowed to run because SmartScreen will not prompt the user for a decision, and if the user is offline all files will be allowed to be opened because Windows won\u0027t prompt the user to ask what to do. Firefox incorrectly sets this flag when downloading files, leading to less secure behavior from SmartScreen. Note: this issue only affects Windows 10 users running the April 2018 update or later. It does not affect other Windows users or other operating systems. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5174",
          "url": "https://www.suse.com/security/cve/CVE-2018-5174"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092548 for CVE-2018-5174",
          "url": "https://bugzilla.suse.com/1092548"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092611 for CVE-2018-5174",
          "url": "https://bugzilla.suse.com/1092611"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093969 for CVE-2018-5174",
          "url": "https://bugzilla.suse.com/1093969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093970 for CVE-2018-5174",
          "url": "https://bugzilla.suse.com/1093970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093971 for CVE-2018-5174",
          "url": "https://bugzilla.suse.com/1093971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093972 for CVE-2018-5174",
          "url": "https://bugzilla.suse.com/1093972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093973 for CVE-2018-5174",
          "url": "https://bugzilla.suse.com/1093973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5174"
    },
    {
      "cve": "CVE-2018-5175",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5175"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A mechanism to bypass Content Security Policy (CSP) protections on sites that have a \"script-src\" policy of \"\u0027strict-dynamic\u0027\". If a target website contains an HTML injection flaw an attacker could inject a reference to a copy of the \"require.js\" library that is part of Firefox\u0027s Developer Tools, and then use a known technique using that library to bypass the CSP restrictions on executing injected scripts. This vulnerability affects Firefox \u003c 60.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5175",
          "url": "https://www.suse.com/security/cve/CVE-2018-5175"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092548 for CVE-2018-5175",
          "url": "https://bugzilla.suse.com/1092548"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092611 for CVE-2018-5175",
          "url": "https://bugzilla.suse.com/1092611"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093969 for CVE-2018-5175",
          "url": "https://bugzilla.suse.com/1093969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093970 for CVE-2018-5175",
          "url": "https://bugzilla.suse.com/1093970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093971 for CVE-2018-5175",
          "url": "https://bugzilla.suse.com/1093971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093972 for CVE-2018-5175",
          "url": "https://bugzilla.suse.com/1093972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093973 for CVE-2018-5175",
          "url": "https://bugzilla.suse.com/1093973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5175"
    },
    {
      "cve": "CVE-2018-5176",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5176"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The JSON Viewer displays clickable hyperlinks for strings that are parseable as URLs, including \"javascript:\" links. If a JSON file contains malicious JavaScript script embedded as \"javascript:\" links, users may be tricked into clicking and running this code in the context of the JSON Viewer. This can allow for the theft of cookies and authorization tokens which are accessible to that context. This vulnerability affects Firefox \u003c 60.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5176",
          "url": "https://www.suse.com/security/cve/CVE-2018-5176"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092548 for CVE-2018-5176",
          "url": "https://bugzilla.suse.com/1092548"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092611 for CVE-2018-5176",
          "url": "https://bugzilla.suse.com/1092611"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093969 for CVE-2018-5176",
          "url": "https://bugzilla.suse.com/1093969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093970 for CVE-2018-5176",
          "url": "https://bugzilla.suse.com/1093970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093971 for CVE-2018-5176",
          "url": "https://bugzilla.suse.com/1093971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093972 for CVE-2018-5176",
          "url": "https://bugzilla.suse.com/1093972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093973 for CVE-2018-5176",
          "url": "https://bugzilla.suse.com/1093973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5176"
    },
    {
      "cve": "CVE-2018-5177",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5177"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability exists in XSLT during number formatting where a negative buffer size may be allocated in some instances, leading to a buffer overflow and crash if it occurs. This vulnerability affects Firefox \u003c 60.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5177",
          "url": "https://www.suse.com/security/cve/CVE-2018-5177"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092548 for CVE-2018-5177",
          "url": "https://bugzilla.suse.com/1092548"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092611 for CVE-2018-5177",
          "url": "https://bugzilla.suse.com/1092611"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093969 for CVE-2018-5177",
          "url": "https://bugzilla.suse.com/1093969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093970 for CVE-2018-5177",
          "url": "https://bugzilla.suse.com/1093970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093971 for CVE-2018-5177",
          "url": "https://bugzilla.suse.com/1093971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093972 for CVE-2018-5177",
          "url": "https://bugzilla.suse.com/1093972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093973 for CVE-2018-5177",
          "url": "https://bugzilla.suse.com/1093973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5177"
    },
    {
      "cve": "CVE-2018-5180",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5180"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability can occur during WebGL operations. While this results in a potentially exploitable crash, the vulnerability is limited because the memory is freed and reused in a brief window of time during the freeing of the same callstack. This vulnerability affects Firefox \u003c 60.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5180",
          "url": "https://www.suse.com/security/cve/CVE-2018-5180"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092548 for CVE-2018-5180",
          "url": "https://bugzilla.suse.com/1092548"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092611 for CVE-2018-5180",
          "url": "https://bugzilla.suse.com/1092611"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093969 for CVE-2018-5180",
          "url": "https://bugzilla.suse.com/1093969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093970 for CVE-2018-5180",
          "url": "https://bugzilla.suse.com/1093970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093971 for CVE-2018-5180",
          "url": "https://bugzilla.suse.com/1093971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093972 for CVE-2018-5180",
          "url": "https://bugzilla.suse.com/1093972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093973 for CVE-2018-5180",
          "url": "https://bugzilla.suse.com/1093973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5180"
    },
    {
      "cve": "CVE-2018-5181",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5181"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If a URL using the \"file:\" protocol is dragged and dropped onto an open tab that is running in a different child process the tab will open a local file corresponding to the dropped URL, contrary to policy. One way to make the target tab open more reliably in a separate process is to open it with the \"noopener\" keyword. This vulnerability affects Firefox \u003c 60.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5181",
          "url": "https://www.suse.com/security/cve/CVE-2018-5181"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092548 for CVE-2018-5181",
          "url": "https://bugzilla.suse.com/1092548"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092611 for CVE-2018-5181",
          "url": "https://bugzilla.suse.com/1092611"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093969 for CVE-2018-5181",
          "url": "https://bugzilla.suse.com/1093969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093970 for CVE-2018-5181",
          "url": "https://bugzilla.suse.com/1093970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093971 for CVE-2018-5181",
          "url": "https://bugzilla.suse.com/1093971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093972 for CVE-2018-5181",
          "url": "https://bugzilla.suse.com/1093972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093973 for CVE-2018-5181",
          "url": "https://bugzilla.suse.com/1093973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5181"
    },
    {
      "cve": "CVE-2018-5182",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5182"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If a text string that happens to be a filename in the operating system\u0027s native format is dragged and dropped onto the addressbar the specified local file will be opened. This is contrary to policy and is what would happen if the string were the equivalent \"file:\" URL. This vulnerability affects Firefox \u003c 60.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5182",
          "url": "https://www.suse.com/security/cve/CVE-2018-5182"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092548 for CVE-2018-5182",
          "url": "https://bugzilla.suse.com/1092548"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092611 for CVE-2018-5182",
          "url": "https://bugzilla.suse.com/1092611"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093969 for CVE-2018-5182",
          "url": "https://bugzilla.suse.com/1093969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093970 for CVE-2018-5182",
          "url": "https://bugzilla.suse.com/1093970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093971 for CVE-2018-5182",
          "url": "https://bugzilla.suse.com/1093971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093972 for CVE-2018-5182",
          "url": "https://bugzilla.suse.com/1093972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093973 for CVE-2018-5182",
          "url": "https://bugzilla.suse.com/1093973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5182"
    },
    {
      "cve": "CVE-2018-5186",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5186"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs present in Firefox 60. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 61.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5186",
          "url": "https://www.suse.com/security/cve/CVE-2018-5186"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1098998 for CVE-2018-5186",
          "url": "https://bugzilla.suse.com/1098998"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5186"
    },
    {
      "cve": "CVE-2018-5187",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5187"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs present in Firefox 60 and Firefox ESR 60. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 60, Firefox ESR \u003c 60.1, and Firefox \u003c 61.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5187",
          "url": "https://www.suse.com/security/cve/CVE-2018-5187"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1098998 for CVE-2018-5187",
          "url": "https://bugzilla.suse.com/1098998"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5187"
    },
    {
      "cve": "CVE-2018-5188",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5188"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs present in Firefox 60, Firefox ESR 60, and Firefox ESR 52.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 60, Thunderbird \u003c 52.9, Firefox ESR \u003c 60.1, Firefox ESR \u003c 52.9, and Firefox \u003c 61.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5188",
          "url": "https://www.suse.com/security/cve/CVE-2018-5188"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1098998 for CVE-2018-5188",
          "url": "https://bugzilla.suse.com/1098998"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5188"
    },
    {
      "cve": "CVE-2018-6126",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-6126"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A precision error in Skia in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-6126",
          "url": "https://www.suse.com/security/cve/CVE-2018-6126"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1095163 for CVE-2018-6126",
          "url": "https://bugzilla.suse.com/1095163"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1096449 for CVE-2018-6126",
          "url": "https://bugzilla.suse.com/1096449"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-6126"
    },
    {
      "cve": "CVE-2018-6156",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-6156"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Incorect derivation of a packet length in WebRTC in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted video file.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-6156",
          "url": "https://www.suse.com/security/cve/CVE-2018-6156"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1086124 for CVE-2018-6156",
          "url": "https://bugzilla.suse.com/1086124"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1102530 for CVE-2018-6156",
          "url": "https://bugzilla.suse.com/1102530"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1107235 for CVE-2018-6156",
          "url": "https://bugzilla.suse.com/1107235"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2018-6156"
    },
    {
      "cve": "CVE-2019-11691",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11691"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability can occur when working with XMLHttpRequest (XHR) in an event loop, causing the XHR main thread to be called after it has been freed. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 60.7, Firefox \u003c 67, and Firefox ESR \u003c 60.7.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11691",
          "url": "https://www.suse.com/security/cve/CVE-2019-11691"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1135824 for CVE-2019-11691",
          "url": "https://bugzilla.suse.com/1135824"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-11691"
    },
    {
      "cve": "CVE-2019-11692",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11692"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability can occur when listeners are removed from the event listener manager while still in use, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 60.7, Firefox \u003c 67, and Firefox ESR \u003c 60.7.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11692",
          "url": "https://www.suse.com/security/cve/CVE-2019-11692"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1135824 for CVE-2019-11692",
          "url": "https://bugzilla.suse.com/1135824"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-11692"
    },
    {
      "cve": "CVE-2019-11693",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11693"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The bufferdata function in WebGL is vulnerable to a buffer overflow with specific graphics drivers on Linux. This could result in malicious content freezing a tab or triggering a potentially exploitable crash. *Note: this issue only occurs on Linux. Other operating systems are unaffected.*. This vulnerability affects Thunderbird \u003c 60.7, Firefox \u003c 67, and Firefox ESR \u003c 60.7.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11693",
          "url": "https://www.suse.com/security/cve/CVE-2019-11693"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1135824 for CVE-2019-11693",
          "url": "https://bugzilla.suse.com/1135824"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-11693"
    },
    {
      "cve": "CVE-2019-11694",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11694"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability exists in the Windows sandbox where an uninitialized value in memory can be leaked to a renderer from a broker when making a call to access an otherwise unavailable file. This results in the potential leaking of information stored at that memory location. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*. This vulnerability affects Thunderbird \u003c 60.7, Firefox \u003c 67, and Firefox ESR \u003c 60.7.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11694",
          "url": "https://www.suse.com/security/cve/CVE-2019-11694"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1135824 for CVE-2019-11694",
          "url": "https://bugzilla.suse.com/1135824"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-11694"
    },
    {
      "cve": "CVE-2019-11695",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11695"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A custom cursor defined by scripting on a site can position itself over the addressbar to spoof the actual cursor when it should not be allowed outside of the primary web content area. This could be used by a malicious site to trick users into clicking on permission prompts, doorhanger notifications, or other buttons inadvertently if the location is spoofed over the user interface. This vulnerability affects Firefox \u003c 67.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11695",
          "url": "https://www.suse.com/security/cve/CVE-2019-11695"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1135824 for CVE-2019-11695",
          "url": "https://bugzilla.suse.com/1135824"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-11695"
    },
    {
      "cve": "CVE-2019-11696",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11696"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Files with the .JNLP extension used for \"Java web start\" applications are not treated as executable content for download prompts even though they can be executed if Java is installed on the local system. This could allow users to mistakenly launch an executable binary locally. This vulnerability affects Firefox \u003c 67.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11696",
          "url": "https://www.suse.com/security/cve/CVE-2019-11696"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1135824 for CVE-2019-11696",
          "url": "https://bugzilla.suse.com/1135824"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-11696"
    },
    {
      "cve": "CVE-2019-11697",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11697"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If the ALT and \"a\" keys are pressed when users receive an extension installation prompt, the extension will be installed without the install prompt delay that keeps the prompt visible in order for users to accept or decline the installation. A malicious web page could use this with spoofing on the page to trick users into installing a malicious extension. This vulnerability affects Firefox \u003c 67.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11697",
          "url": "https://www.suse.com/security/cve/CVE-2019-11697"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1135824 for CVE-2019-11697",
          "url": "https://bugzilla.suse.com/1135824"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-11697"
    },
    {
      "cve": "CVE-2019-11698",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11698"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If a crafted hyperlink is dragged and dropped to the bookmark bar or sidebar and the resulting bookmark is subsequently dragged and dropped into the web content area, an arbitrary query of a user\u0027s browser history can be run and transmitted to the content page via drop event data. This allows for the theft of browser history by a malicious site. This vulnerability affects Thunderbird \u003c 60.7, Firefox \u003c 67, and Firefox ESR \u003c 60.7.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11698",
          "url": "https://www.suse.com/security/cve/CVE-2019-11698"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1135824 for CVE-2019-11698",
          "url": "https://bugzilla.suse.com/1135824"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-11698"
    },
    {
      "cve": "CVE-2019-11699",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11699"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A malicious page can briefly cause the wrong name to be highlighted as the domain name in the addressbar during page navigations. This could result in user confusion of which site is currently loaded for spoofing attacks. This vulnerability affects Firefox \u003c 67.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11699",
          "url": "https://www.suse.com/security/cve/CVE-2019-11699"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2019-11699"
    },
    {
      "cve": "CVE-2019-11700",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11700"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A hyperlink using the res: protocol can be used to open local files at a known location in Internet Explorer if a user approves execution when prompted. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 67.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11700",
          "url": "https://www.suse.com/security/cve/CVE-2019-11700"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1135824 for CVE-2019-11700",
          "url": "https://bugzilla.suse.com/1135824"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-11700"
    },
    {
      "cve": "CVE-2019-11701",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11701"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The default webcal: protocol handler will load a web site vulnerable to cross-site scripting (XSS) attacks. This default was left in place as a legacy feature and has now been removed. *Note: this issue only affects users with an account on the vulnerable service. Other users are unaffected.*. This vulnerability affects Firefox \u003c 67.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11701",
          "url": "https://www.suse.com/security/cve/CVE-2019-11701"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1135824 for CVE-2019-11701",
          "url": "https://bugzilla.suse.com/1135824"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-11701"
    },
    {
      "cve": "CVE-2019-11707",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11707"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR \u003c 60.7.1, Firefox \u003c 67.0.3, and Thunderbird \u003c 60.7.2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11707",
          "url": "https://www.suse.com/security/cve/CVE-2019-11707"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1138614 for CVE-2019-11707",
          "url": "https://bugzilla.suse.com/1138614"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-11707"
    },
    {
      "cve": "CVE-2019-11708",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11708"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities this could result in executing arbitrary code on the user\u0027s computer. This vulnerability affects Firefox ESR \u003c 60.7.2, Firefox \u003c 67.0.4, and Thunderbird \u003c 60.7.2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11708",
          "url": "https://www.suse.com/security/cve/CVE-2019-11708"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1138872 for CVE-2019-11708",
          "url": "https://bugzilla.suse.com/1138872"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 10,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2019-11708"
    },
    {
      "cve": "CVE-2019-11709",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11709"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers and community members reported memory safety bugs present in Firefox 67 and Firefox ESR 60.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox ESR \u003c 60.8, Firefox \u003c 68, and Thunderbird \u003c 60.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11709",
          "url": "https://www.suse.com/security/cve/CVE-2019-11709"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1140868 for CVE-2019-11709",
          "url": "https://bugzilla.suse.com/1140868"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-11709"
    },
    {
      "cve": "CVE-2019-11710",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11710"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers and community members reported memory safety bugs present in Firefox 67. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 68.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11710",
          "url": "https://www.suse.com/security/cve/CVE-2019-11710"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1140868 for CVE-2019-11710",
          "url": "https://bugzilla.suse.com/1140868"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-11710"
    },
    {
      "cve": "CVE-2019-11711",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11711"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When an inner window is reused, it does not consider the use of document.domain for cross-origin protections. If pages on different subdomains ever cooperatively use document.domain, then either page can abuse this to inject script into arbitrary pages on the other subdomain, even those that did not use document.domain to relax their origin security. This vulnerability affects Firefox ESR \u003c 60.8, Firefox \u003c 68, and Thunderbird \u003c 60.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11711",
          "url": "https://www.suse.com/security/cve/CVE-2019-11711"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1140868 for CVE-2019-11711",
          "url": "https://bugzilla.suse.com/1140868"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-11711"
    },
    {
      "cve": "CVE-2019-11712",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11712"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "POST requests made by NPAPI plugins, such as Flash, that receive a status 308 redirect response can bypass CORS requirements. This can allow an attacker to perform Cross-Site Request Forgery (CSRF) attacks. This vulnerability affects Firefox ESR \u003c 60.8, Firefox \u003c 68, and Thunderbird \u003c 60.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11712",
          "url": "https://www.suse.com/security/cve/CVE-2019-11712"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1140868 for CVE-2019-11712",
          "url": "https://bugzilla.suse.com/1140868"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-11712"
    },
    {
      "cve": "CVE-2019-11713",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11713"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability can occur in HTTP/2 when a cached HTTP/2 stream is closed while still in use, resulting in a potentially exploitable crash. This vulnerability affects Firefox ESR \u003c 60.8, Firefox \u003c 68, and Thunderbird \u003c 60.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11713",
          "url": "https://www.suse.com/security/cve/CVE-2019-11713"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1140868 for CVE-2019-11713",
          "url": "https://bugzilla.suse.com/1140868"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-11713"
    },
    {
      "cve": "CVE-2019-11714",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11714"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Necko can access a child on the wrong thread during UDP connections, resulting in a potentially exploitable crash in some instances. This vulnerability affects Firefox \u003c 68.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11714",
          "url": "https://www.suse.com/security/cve/CVE-2019-11714"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1140868 for CVE-2019-11714",
          "url": "https://bugzilla.suse.com/1140868"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-11714"
    },
    {
      "cve": "CVE-2019-11715",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11715"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Due to an error while parsing page content, it is possible for properly sanitized user input to be misinterpreted and lead to XSS hazards on web sites in certain circumstances. This vulnerability affects Firefox ESR \u003c 60.8, Firefox \u003c 68, and Thunderbird \u003c 60.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11715",
          "url": "https://www.suse.com/security/cve/CVE-2019-11715"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1140868 for CVE-2019-11715",
          "url": "https://bugzilla.suse.com/1140868"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-11715"
    },
    {
      "cve": "CVE-2019-11716",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11716"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Until explicitly accessed by script, window.globalThis is not enumerable and, as a result, is not visible to code such as Object.getOwnPropertyNames(window). Sites that deploy a sandboxing that depends on enumerating and freezing access to the window object may miss this, allowing their sandboxes to be bypassed. This vulnerability affects Firefox \u003c 68.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11716",
          "url": "https://www.suse.com/security/cve/CVE-2019-11716"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1140868 for CVE-2019-11716",
          "url": "https://bugzilla.suse.com/1140868"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-11716"
    },
    {
      "cve": "CVE-2019-11717",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11717"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability exists where the caret (\"^\") character is improperly escaped constructing some URIs due to it being used as a separator, allowing for possible spoofing of origin attributes. This vulnerability affects Firefox ESR \u003c 60.8, Firefox \u003c 68, and Thunderbird \u003c 60.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11717",
          "url": "https://www.suse.com/security/cve/CVE-2019-11717"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1140868 for CVE-2019-11717",
          "url": "https://bugzilla.suse.com/1140868"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-11717"
    },
    {
      "cve": "CVE-2019-11718",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11718"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Activity Stream can display content from sent from the Snippet Service website. This content is written to innerHTML on the Activity Stream page without sanitization, allowing for a potential access to other information available to the Activity Stream, such as browsing history, if the Snipper Service were compromised. This vulnerability affects Firefox \u003c 68.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11718",
          "url": "https://www.suse.com/security/cve/CVE-2019-11718"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1140868 for CVE-2019-11718",
          "url": "https://bugzilla.suse.com/1140868"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-11718"
    },
    {
      "cve": "CVE-2019-11719",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11719"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When importing a curve25519 private key in PKCS#8format with leading 0x00 bytes, it is possible to trigger an out-of-bounds read in the Network Security Services (NSS) library. This could lead to information disclosure. This vulnerability affects Firefox ESR \u003c 60.8, Firefox \u003c 68, and Thunderbird \u003c 60.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11719",
          "url": "https://www.suse.com/security/cve/CVE-2019-11719"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1140868 for CVE-2019-11719",
          "url": "https://bugzilla.suse.com/1140868"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-11719"
    },
    {
      "cve": "CVE-2019-11720",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11720"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Some unicode characters are incorrectly treated as whitespace during the parsing of web content instead of triggering parsing errors. This allows malicious code to then be processed, evading cross-site scripting (XSS) filtering. This vulnerability affects Firefox \u003c 68.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11720",
          "url": "https://www.suse.com/security/cve/CVE-2019-11720"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1140868 for CVE-2019-11720",
          "url": "https://bugzilla.suse.com/1140868"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-11720"
    },
    {
      "cve": "CVE-2019-11721",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11721"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The unicode latin \u0027kra\u0027 character can be used to spoof a standard \u0027k\u0027 character in the addressbar. This allows for domain spoofing attacks as do not display as punycode text, allowing for user confusion. This vulnerability affects Firefox \u003c 68.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11721",
          "url": "https://www.suse.com/security/cve/CVE-2019-11721"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1140868 for CVE-2019-11721",
          "url": "https://bugzilla.suse.com/1140868"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-11721"
    },
    {
      "cve": "CVE-2019-11723",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11723"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability exists during the installation of add-ons where the initial fetch ignored the origin attributes of the browsing context. This could leak cookies in private browsing mode or across different \"containers\" for people who use the Firefox Multi-Account Containers Web Extension. This vulnerability affects Firefox \u003c 68.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11723",
          "url": "https://www.suse.com/security/cve/CVE-2019-11723"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1140868 for CVE-2019-11723",
          "url": "https://bugzilla.suse.com/1140868"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-11723"
    },
    {
      "cve": "CVE-2019-11724",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11724"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Application permissions give additional remote troubleshooting permission to the site input.mozilla.org, which has been retired and now redirects to another site. This additional permission is unnecessary and is a potential vector for malicious attacks. This vulnerability affects Firefox \u003c 68.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11724",
          "url": "https://www.suse.com/security/cve/CVE-2019-11724"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1140868 for CVE-2019-11724",
          "url": "https://bugzilla.suse.com/1140868"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-11724"
    },
    {
      "cve": "CVE-2019-11725",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11725"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When a user navigates to site marked as unsafe by the Safebrowsing API, warning messages are displayed and navigation is interrupted but resources from the same site loaded through websockets are not blocked, leading to the loading of unsafe resources and bypassing safebrowsing protections. This vulnerability affects Firefox \u003c 68.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11725",
          "url": "https://www.suse.com/security/cve/CVE-2019-11725"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1140868 for CVE-2019-11725",
          "url": "https://bugzilla.suse.com/1140868"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-11725"
    },
    {
      "cve": "CVE-2019-11727",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11727"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability exists where it possible to force Network Security Services (NSS) to sign CertificateVerify with PKCS#1 v1.5 signatures when those are the only ones advertised by server in CertificateRequest in TLS 1.3. PKCS#1 v1.5 signatures should not be used for TLS 1.3 messages. This vulnerability affects Firefox \u003c 68.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11727",
          "url": "https://www.suse.com/security/cve/CVE-2019-11727"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1140868 for CVE-2019-11727",
          "url": "https://bugzilla.suse.com/1140868"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1141322 for CVE-2019-11727",
          "url": "https://bugzilla.suse.com/1141322"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2019-11727"
    },
    {
      "cve": "CVE-2019-11728",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11728"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The HTTP Alternative Services header, Alt-Svc, can be used by a malicious site to scan all TCP ports of any host that the accessible to a user when web content is loaded. This vulnerability affects Firefox \u003c 68.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11728",
          "url": "https://www.suse.com/security/cve/CVE-2019-11728"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1140868 for CVE-2019-11728",
          "url": "https://bugzilla.suse.com/1140868"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-11728"
    },
    {
      "cve": "CVE-2019-11729",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11729"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Empty or malformed p256-ECDH public keys may trigger a segmentation fault due values being improperly sanitized before being copied into memory and used. This vulnerability affects Firefox ESR \u003c 60.8, Firefox \u003c 68, and Thunderbird \u003c 60.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11729",
          "url": "https://www.suse.com/security/cve/CVE-2019-11729"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1140868 for CVE-2019-11729",
          "url": "https://bugzilla.suse.com/1140868"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-11729"
    },
    {
      "cve": "CVE-2019-11730",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11730"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability exists where if a user opens a locally saved HTML file, this file can use file: URIs to access other files in the same directory or sub-directories if the names are known or guessed. The Fetch API can then be used to read the contents of any files stored in these directories and they may uploaded to a server. It was demonstrated that in combination with a popular Android messaging app, if a malicious HTML attachment is sent to a user and they opened that attachment in Firefox, due to that app\u0027s predictable pattern for locally-saved file names, it is possible to read attachments the victim received from other correspondents. This vulnerability affects Firefox ESR \u003c 60.8, Firefox \u003c 68, and Thunderbird \u003c 60.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11730",
          "url": "https://www.suse.com/security/cve/CVE-2019-11730"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1140868 for CVE-2019-11730",
          "url": "https://bugzilla.suse.com/1140868"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-11730"
    },
    {
      "cve": "CVE-2019-11733",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11733"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When a master password is set, it is required to be entered again before stored passwords can be accessed in the \u0027Saved Logins\u0027 dialog. It was found that locally stored passwords can be copied to the clipboard thorough the \u0027copy password\u0027 context menu item without re-entering the master password if the master password had been previously entered in the same session, allowing for potential theft of stored passwords. This vulnerability affects Firefox \u003c 68.0.2 and Firefox ESR \u003c 68.0.2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11733",
          "url": "https://www.suse.com/security/cve/CVE-2019-11733"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1145665 for CVE-2019-11733",
          "url": "https://bugzilla.suse.com/1145665"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2019-11733"
    },
    {
      "cve": "CVE-2019-11734",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11734"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers and community members reported memory safety bugs present in Firefox 68. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 69.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11734",
          "url": "https://www.suse.com/security/cve/CVE-2019-11734"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149287 for CVE-2019-11734",
          "url": "https://bugzilla.suse.com/1149287"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149324 for CVE-2019-11734",
          "url": "https://bugzilla.suse.com/1149324"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2019-11734"
    },
    {
      "cve": "CVE-2019-11735",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11735"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers and community members reported memory safety bugs present in Firefox 68 and Firefox ESR 68. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 69 and Firefox ESR \u003c 68.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11735",
          "url": "https://www.suse.com/security/cve/CVE-2019-11735"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149293 for CVE-2019-11735",
          "url": "https://bugzilla.suse.com/1149293"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149323 for CVE-2019-11735",
          "url": "https://bugzilla.suse.com/1149323"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149324 for CVE-2019-11735",
          "url": "https://bugzilla.suse.com/1149324"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-11735"
    },
    {
      "cve": "CVE-2019-11736",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11736"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Mozilla Maintenance Service does not guard against files being hardlinked to another file in the updates directory, allowing for the replacement of local files, including the Maintenance Service executable, which is run with privileged access. Additionally, there was a race condition during checks for junctions and symbolic links by the Maintenance Service, allowing for potential local file and directory manipulation to be undetected in some circumstances. This allows for potential privilege escalation by a user with unprivileged local access. \u003cbr\u003e*Note: These attacks requires local system access and only affects Windows. Other operating systems are not affected.*. This vulnerability affects Firefox \u003c 69 and Firefox ESR \u003c 68.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11736",
          "url": "https://www.suse.com/security/cve/CVE-2019-11736"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149292 for CVE-2019-11736",
          "url": "https://bugzilla.suse.com/1149292"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149323 for CVE-2019-11736",
          "url": "https://bugzilla.suse.com/1149323"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149324 for CVE-2019-11736",
          "url": "https://bugzilla.suse.com/1149324"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-11736"
    },
    {
      "cve": "CVE-2019-11737",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11737"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If a wildcard (\u0027*\u0027) is specified for the host in Content Security Policy (CSP) directives, any port or path restriction of the directive will be ignored, leading to CSP directives not being properly applied to content. This vulnerability affects Firefox \u003c 69.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11737",
          "url": "https://www.suse.com/security/cve/CVE-2019-11737"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149300 for CVE-2019-11737",
          "url": "https://bugzilla.suse.com/1149300"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149324 for CVE-2019-11737",
          "url": "https://bugzilla.suse.com/1149324"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2019-11737"
    },
    {
      "cve": "CVE-2019-11738",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11738"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If a Content Security Policy (CSP) directive is defined that uses a hash-based source that takes the empty string as input, execution of any javascript: URIs will be allowed. This could allow for malicious JavaScript content to be run, bypassing CSP permissions. This vulnerability affects Firefox \u003c 69 and Firefox ESR \u003c 68.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11738",
          "url": "https://www.suse.com/security/cve/CVE-2019-11738"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149302 for CVE-2019-11738",
          "url": "https://bugzilla.suse.com/1149302"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149323 for CVE-2019-11738",
          "url": "https://bugzilla.suse.com/1149323"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149324 for CVE-2019-11738",
          "url": "https://bugzilla.suse.com/1149324"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2019-11738"
    },
    {
      "cve": "CVE-2019-11740",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11740"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers and community members reported memory safety bugs present in Firefox 68, Firefox ESR 68, and Firefox 60.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 69, Thunderbird \u003c 68.1, Thunderbird \u003c 60.9, Firefox ESR \u003c 60.9, and Firefox ESR \u003c 68.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11740",
          "url": "https://www.suse.com/security/cve/CVE-2019-11740"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149299 for CVE-2019-11740",
          "url": "https://bugzilla.suse.com/1149299"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149323 for CVE-2019-11740",
          "url": "https://bugzilla.suse.com/1149323"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149324 for CVE-2019-11740",
          "url": "https://bugzilla.suse.com/1149324"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1150940 for CVE-2019-11740",
          "url": "https://bugzilla.suse.com/1150940"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-11740"
    },
    {
      "cve": "CVE-2019-11741",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11741"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A compromised sandboxed content process can perform a Universal Cross-site Scripting (UXSS) attack on content from any site it can cause to be loaded in the same process. Because addons.mozilla.org and accounts.firefox.com have close ties to the Firefox product, malicious manipulation of these sites within the browser can potentially be used to modify a user\u0027s Firefox configuration. These two sites will now be isolated into their own process and not allowed to be loaded in a standard content process. This vulnerability affects Firefox \u003c 69.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11741",
          "url": "https://www.suse.com/security/cve/CVE-2019-11741"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149288 for CVE-2019-11741",
          "url": "https://bugzilla.suse.com/1149288"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149324 for CVE-2019-11741",
          "url": "https://bugzilla.suse.com/1149324"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2019-11741"
    },
    {
      "cve": "CVE-2019-11742",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11742"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A same-origin policy violation occurs allowing the theft of cross-origin images through a combination of SVG filters and a \u0026lt;canvas\u0026gt; element due to an error in how same-origin policy is applied to cached image content. The resulting same-origin policy violation could allow for data theft. This vulnerability affects Firefox \u003c 69, Thunderbird \u003c 68.1, Thunderbird \u003c 60.9, Firefox ESR \u003c 60.9, and Firefox ESR \u003c 68.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11742",
          "url": "https://www.suse.com/security/cve/CVE-2019-11742"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149303 for CVE-2019-11742",
          "url": "https://bugzilla.suse.com/1149303"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149323 for CVE-2019-11742",
          "url": "https://bugzilla.suse.com/1149323"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149324 for CVE-2019-11742",
          "url": "https://bugzilla.suse.com/1149324"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1150940 for CVE-2019-11742",
          "url": "https://bugzilla.suse.com/1150940"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-11742"
    },
    {
      "cve": "CVE-2019-11743",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11743"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Navigation events were not fully adhering to the W3C\u0027s \"Navigation-Timing Level 2\" draft specification in some instances for the unload event, which restricts access to detailed timing attributes to only be same-origin. This resulted in potential cross-origin information exposure of history through timing side-channel attacks. This vulnerability affects Firefox \u003c 69, Thunderbird \u003c 68.1, Thunderbird \u003c 60.9, Firefox ESR \u003c 60.9, and Firefox ESR \u003c 68.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11743",
          "url": "https://www.suse.com/security/cve/CVE-2019-11743"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149298 for CVE-2019-11743",
          "url": "https://bugzilla.suse.com/1149298"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149323 for CVE-2019-11743",
          "url": "https://bugzilla.suse.com/1149323"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149324 for CVE-2019-11743",
          "url": "https://bugzilla.suse.com/1149324"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1150940 for CVE-2019-11743",
          "url": "https://bugzilla.suse.com/1150940"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2019-11743"
    },
    {
      "cve": "CVE-2019-11744",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11744"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Some HTML elements, such as \u0026lt;title\u0026gt; and \u0026lt;textarea\u0026gt;, can contain literal angle brackets without treating them as markup. It is possible to pass a literal closing tag to .innerHTML on these elements, and subsequent content after that will be parsed as if it were outside the tag. This can lead to XSS if a site does not filter user input as strictly for these elements as it does for other elements. This vulnerability affects Firefox \u003c 69, Thunderbird \u003c 68.1, Thunderbird \u003c 60.9, Firefox ESR \u003c 60.9, and Firefox ESR \u003c 68.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11744",
          "url": "https://www.suse.com/security/cve/CVE-2019-11744"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149304 for CVE-2019-11744",
          "url": "https://bugzilla.suse.com/1149304"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149323 for CVE-2019-11744",
          "url": "https://bugzilla.suse.com/1149323"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149324 for CVE-2019-11744",
          "url": "https://bugzilla.suse.com/1149324"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1150940 for CVE-2019-11744",
          "url": "https://bugzilla.suse.com/1150940"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-11744"
    },
    {
      "cve": "CVE-2019-11746",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11746"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability can occur while manipulating video elements if the body is freed while still in use. This results in a potentially exploitable crash. This vulnerability affects Firefox \u003c 69, Thunderbird \u003c 68.1, Thunderbird \u003c 60.9, Firefox ESR \u003c 60.9, and Firefox ESR \u003c 68.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11746",
          "url": "https://www.suse.com/security/cve/CVE-2019-11746"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149297 for CVE-2019-11746",
          "url": "https://bugzilla.suse.com/1149297"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149323 for CVE-2019-11746",
          "url": "https://bugzilla.suse.com/1149323"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149324 for CVE-2019-11746",
          "url": "https://bugzilla.suse.com/1149324"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1150940 for CVE-2019-11746",
          "url": "https://bugzilla.suse.com/1150940"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-11746"
    },
    {
      "cve": "CVE-2019-11747",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11747"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The \"Forget about this site\" feature in the History pane is intended to remove all saved user data that indicates a user has visited a site. This includes removing any HTTP Strict Transport Security (HSTS) settings received from sites that use it. Due to a bug, sites on the pre-load list also have their HSTS setting removed. On the next visit to that site if the user specifies an http: URL rather than secure https: they will not be protected by the pre-loaded HSTS setting. After that visit the site\u0027s HSTS setting will be restored. This vulnerability affects Firefox \u003c 69 and Firefox ESR \u003c 68.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11747",
          "url": "https://www.suse.com/security/cve/CVE-2019-11747"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149301 for CVE-2019-11747",
          "url": "https://bugzilla.suse.com/1149301"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149323 for CVE-2019-11747",
          "url": "https://bugzilla.suse.com/1149323"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149324 for CVE-2019-11747",
          "url": "https://bugzilla.suse.com/1149324"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.4,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2019-11747"
    },
    {
      "cve": "CVE-2019-11748",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11748"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "WebRTC in Firefox will honor persisted permissions given to sites for access to microphone and camera resources even when in a third-party context. In light of recent high profile vulnerabilities in other software, a decision was made to no longer persist these permissions. This avoids the possibility of trusted WebRTC resources being invisibly embedded in web content and abusing permissions previously given by users. Users will now be prompted for permissions on each use. This vulnerability affects Firefox \u003c 69 and Firefox ESR \u003c 68.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11748",
          "url": "https://www.suse.com/security/cve/CVE-2019-11748"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149291 for CVE-2019-11748",
          "url": "https://bugzilla.suse.com/1149291"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149323 for CVE-2019-11748",
          "url": "https://bugzilla.suse.com/1149323"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149324 for CVE-2019-11748",
          "url": "https://bugzilla.suse.com/1149324"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2019-11748"
    },
    {
      "cve": "CVE-2019-11749",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11749"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability exists in WebRTC where malicious web content can use probing techniques on the getUserMedia API using constraints to reveal device properties of cameras on the system without triggering a user prompt or notification. This allows for the potential fingerprinting of users. This vulnerability affects Firefox \u003c 69 and Firefox ESR \u003c 68.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11749",
          "url": "https://www.suse.com/security/cve/CVE-2019-11749"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149290 for CVE-2019-11749",
          "url": "https://bugzilla.suse.com/1149290"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149323 for CVE-2019-11749",
          "url": "https://bugzilla.suse.com/1149323"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149324 for CVE-2019-11749",
          "url": "https://bugzilla.suse.com/1149324"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2019-11749"
    },
    {
      "cve": "CVE-2019-11750",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11750"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A type confusion vulnerability exists in Spidermonkey, which results in a non-exploitable crash. This vulnerability affects Firefox \u003c 69 and Firefox ESR \u003c 68.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11750",
          "url": "https://www.suse.com/security/cve/CVE-2019-11750"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149289 for CVE-2019-11750",
          "url": "https://bugzilla.suse.com/1149289"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149323 for CVE-2019-11750",
          "url": "https://bugzilla.suse.com/1149323"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149324 for CVE-2019-11750",
          "url": "https://bugzilla.suse.com/1149324"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2019-11750"
    },
    {
      "cve": "CVE-2019-11751",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11751"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Logging-related command line parameters are not properly sanitized when Firefox is launched by another program, such as when a user clicks on malicious links in a chat application. This can be used to write a log file to an arbitrary location such as the Windows \u0027Startup\u0027 folder. \u003cbr\u003e*Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox \u003c 69 and Firefox ESR \u003c 68.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11751",
          "url": "https://www.suse.com/security/cve/CVE-2019-11751"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149286 for CVE-2019-11751",
          "url": "https://bugzilla.suse.com/1149286"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149323 for CVE-2019-11751",
          "url": "https://bugzilla.suse.com/1149323"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149324 for CVE-2019-11751",
          "url": "https://bugzilla.suse.com/1149324"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-11751"
    },
    {
      "cve": "CVE-2019-11752",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11752"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "It is possible to delete an IndexedDB key value and subsequently try to extract it during conversion. This results in a use-after-free and a potentially exploitable crash. This vulnerability affects Firefox \u003c 69, Thunderbird \u003c 68.1, Thunderbird \u003c 60.9, Firefox ESR \u003c 60.9, and Firefox ESR \u003c 68.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11752",
          "url": "https://www.suse.com/security/cve/CVE-2019-11752"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149296 for CVE-2019-11752",
          "url": "https://bugzilla.suse.com/1149296"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149323 for CVE-2019-11752",
          "url": "https://bugzilla.suse.com/1149323"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149324 for CVE-2019-11752",
          "url": "https://bugzilla.suse.com/1149324"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1150940 for CVE-2019-11752",
          "url": "https://bugzilla.suse.com/1150940"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-11752"
    },
    {
      "cve": "CVE-2019-11753",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11753"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Firefox installer allows Firefox to be installed to a custom user writable location, leaving it unprotected from manipulation by unprivileged users or malware. If the Mozilla Maintenance Service is manipulated to update this unprotected location and the updated maintenance service in the unprotected location has been altered, the altered maintenance service can run with elevated privileges during the update process due to a lack of integrity checks. This allows for privilege escalation if the executable has been replaced locally. \u003cbr\u003e*Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.*. This vulnerability affects Firefox \u003c 69, Firefox ESR \u003c 60.9, and Firefox ESR \u003c 68.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11753",
          "url": "https://www.suse.com/security/cve/CVE-2019-11753"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149295 for CVE-2019-11753",
          "url": "https://bugzilla.suse.com/1149295"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149323 for CVE-2019-11753",
          "url": "https://bugzilla.suse.com/1149323"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149324 for CVE-2019-11753",
          "url": "https://bugzilla.suse.com/1149324"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2019-11753"
    },
    {
      "cve": "CVE-2019-11754",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11754"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When the pointer lock is enabled by a website though requestPointerLock(), no user notification is given. This could allow a malicious website to hijack the mouse pointer and confuse users. This vulnerability affects Firefox \u003c 69.0.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11754",
          "url": "https://www.suse.com/security/cve/CVE-2019-11754"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1151260 for CVE-2019-11754",
          "url": "https://bugzilla.suse.com/1151260"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2019-11754"
    },
    {
      "cve": "CVE-2019-11756",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11756"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Improper refcounting of soft token session objects could cause a use-after-free and crash (likely limited to a denial of service). This vulnerability affects Firefox \u003c 71.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11756",
          "url": "https://www.suse.com/security/cve/CVE-2019-11756"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1161447 for CVE-2019-11756",
          "url": "https://bugzilla.suse.com/1161447"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-11756"
    },
    {
      "cve": "CVE-2019-11757",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11757"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When following the value\u0027s prototype chain, it was possible to retain a reference to a locale, delete it, and subsequently reference it. This resulted in a use-after-free and a potentially exploitable crash. This vulnerability affects Firefox \u003c 70, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11757",
          "url": "https://www.suse.com/security/cve/CVE-2019-11757"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1154738 for CVE-2019-11757",
          "url": "https://bugzilla.suse.com/1154738"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-11757"
    },
    {
      "cve": "CVE-2019-11759",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11759"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An attacker could have caused 4 bytes of HMAC output to be written past the end of a buffer stored on the stack. This could be used by an attacker to execute arbitrary code or more likely lead to a crash. This vulnerability affects Firefox \u003c 70, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11759",
          "url": "https://www.suse.com/security/cve/CVE-2019-11759"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1154738 for CVE-2019-11759",
          "url": "https://bugzilla.suse.com/1154738"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-11759"
    },
    {
      "cve": "CVE-2019-11760",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11760"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A fixed-size stack buffer could overflow in nrappkit when doing WebRTC signaling. This resulted in a potentially exploitable crash in some instances. This vulnerability affects Firefox \u003c 70, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11760",
          "url": "https://www.suse.com/security/cve/CVE-2019-11760"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1154738 for CVE-2019-11760",
          "url": "https://bugzilla.suse.com/1154738"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-11760"
    },
    {
      "cve": "CVE-2019-11761",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11761"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "By using a form with a data URI it was possible to gain access to the privileged JSONView object that had been cloned into content. Impact from exposing this object appears to be minimal, however it was a bypass of existing defense in depth mechanisms. This vulnerability affects Firefox \u003c 70, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11761",
          "url": "https://www.suse.com/security/cve/CVE-2019-11761"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1154738 for CVE-2019-11761",
          "url": "https://bugzilla.suse.com/1154738"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-11761"
    },
    {
      "cve": "CVE-2019-11762",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11762"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If two same-origin documents set document.domain differently to become cross-origin, it was possible for them to call arbitrary DOM methods/getters/setters on the now-cross-origin window. This vulnerability affects Firefox \u003c 70, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11762",
          "url": "https://www.suse.com/security/cve/CVE-2019-11762"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1154738 for CVE-2019-11762",
          "url": "https://bugzilla.suse.com/1154738"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-11762"
    },
    {
      "cve": "CVE-2019-11763",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11763"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Failure to correctly handle null bytes when processing HTML entities resulted in Firefox incorrectly parsing these entities. This could have led to HTML comment text being treated as HTML which could have led to XSS in a web application under certain conditions. It could have also led to HTML entities being masked from filters - enabling the use of entities to mask the actual characters of interest from filters. This vulnerability affects Firefox \u003c 70, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11763",
          "url": "https://www.suse.com/security/cve/CVE-2019-11763"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1154738 for CVE-2019-11763",
          "url": "https://bugzilla.suse.com/1154738"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-11763"
    },
    {
      "cve": "CVE-2019-11764",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11764"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers and community members reported memory safety bugs present in Firefox 69 and Firefox ESR 68.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 70, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11764",
          "url": "https://www.suse.com/security/cve/CVE-2019-11764"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1154738 for CVE-2019-11764",
          "url": "https://bugzilla.suse.com/1154738"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-11764"
    },
    {
      "cve": "CVE-2019-11765",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11765"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A compromised content process could send a message to the parent process that would cause the \u0027Click to Play\u0027 permission prompt to be shown. However, due to lack of validation from the parent process, if the user accepted the permission request an attacker-controlled permission would be granted rather than the \u0027Click to Play\u0027 permission. This vulnerability affects Firefox \u003c 70.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11765",
          "url": "https://www.suse.com/security/cve/CVE-2019-11765"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2019-11765"
    },
    {
      "cve": "CVE-2019-13722",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-13722"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Inappropriate implementation in WebRTC in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-13722",
          "url": "https://www.suse.com/security/cve/CVE-2019-13722"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1158328 for CVE-2019-13722",
          "url": "https://bugzilla.suse.com/1158328"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-13722"
    },
    {
      "cve": "CVE-2019-15903",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-15903"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-15903",
          "url": "https://www.suse.com/security/cve/CVE-2019-15903"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149429 for CVE-2019-15903",
          "url": "https://bugzilla.suse.com/1149429"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1154738 for CVE-2019-15903",
          "url": "https://bugzilla.suse.com/1154738"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1154806 for CVE-2019-15903",
          "url": "https://bugzilla.suse.com/1154806"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-15903"
    },
    {
      "cve": "CVE-2019-17000",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-17000"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An object tag with a data URI did not correctly inherit the document\u0027s Content Security Policy. This allowed a CSP bypass in a cross-origin frame if the document\u0027s policy explicitly allowed data: URIs. This vulnerability affects Firefox \u003c 70.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-17000",
          "url": "https://www.suse.com/security/cve/CVE-2019-17000"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2019-17000"
    },
    {
      "cve": "CVE-2019-17001",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-17001"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A Content-Security-Policy that blocks in-line scripts could be bypassed using an object tag to execute JavaScript in the protected document (cross-site scripting). This is a separate bypass from CVE-2019-17000.*Note: This flaw only affected Firefox 69 and was not present in earlier versions.*. This vulnerability affects Firefox \u003c 70.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-17001",
          "url": "https://www.suse.com/security/cve/CVE-2019-17001"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2019-17001"
    },
    {
      "cve": "CVE-2019-17002",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-17002"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If upgrade-insecure-requests was specified in the Content Security Policy, and a link was dragged and dropped from that page, the link was not upgraded to https. This vulnerability affects Firefox \u003c 70.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-17002",
          "url": "https://www.suse.com/security/cve/CVE-2019-17002"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2019-17002"
    },
    {
      "cve": "CVE-2019-17005",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-17005"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The plain text serializer used a fixed-size array for the number of \u003col\u003e elements it could process; however it was possible to overflow the static-sized array leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 68.3, Firefox ESR \u003c 68.3, and Firefox \u003c 71.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-17005",
          "url": "https://www.suse.com/security/cve/CVE-2019-17005"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1158328 for CVE-2019-17005",
          "url": "https://bugzilla.suse.com/1158328"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-17005"
    },
    {
      "cve": "CVE-2019-17008",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-17008"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When using nested workers, a use-after-free could occur during worker destruction. This resulted in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 68.3, Firefox ESR \u003c 68.3, and Firefox \u003c 71.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-17008",
          "url": "https://www.suse.com/security/cve/CVE-2019-17008"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1158328 for CVE-2019-17008",
          "url": "https://bugzilla.suse.com/1158328"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-17008"
    },
    {
      "cve": "CVE-2019-17010",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-17010"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Under certain conditions, when checking the Resist Fingerprinting preference during device orientation checks, a race condition could have caused a use-after-free and a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 68.3, Firefox ESR \u003c 68.3, and Firefox \u003c 71.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-17010",
          "url": "https://www.suse.com/security/cve/CVE-2019-17010"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1158328 for CVE-2019-17010",
          "url": "https://bugzilla.suse.com/1158328"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-17010"
    },
    {
      "cve": "CVE-2019-17011",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-17011"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Under certain conditions, when retrieving a document from a DocShell in the antitracking code, a race condition could cause a use-after-free condition and a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 68.3, Firefox ESR \u003c 68.3, and Firefox \u003c 71.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-17011",
          "url": "https://www.suse.com/security/cve/CVE-2019-17011"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1158328 for CVE-2019-17011",
          "url": "https://bugzilla.suse.com/1158328"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-17011"
    },
    {
      "cve": "CVE-2019-17012",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-17012"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers reported memory safety bugs present in Firefox 70 and Firefox ESR 68.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 68.3, Firefox ESR \u003c 68.3, and Firefox \u003c 71.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-17012",
          "url": "https://www.suse.com/security/cve/CVE-2019-17012"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1158328 for CVE-2019-17012",
          "url": "https://bugzilla.suse.com/1158328"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-17012"
    },
    {
      "cve": "CVE-2019-17013",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-17013"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers reported memory safety bugs present in Firefox 70. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 71.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-17013",
          "url": "https://www.suse.com/security/cve/CVE-2019-17013"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-17013"
    },
    {
      "cve": "CVE-2019-17014",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-17014"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If an image had not loaded correctly (such as when it is not actually an image), it could be dragged and dropped cross-domain, resulting in a cross-origin information leak. This vulnerability affects Firefox \u003c 71.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-17014",
          "url": "https://www.suse.com/security/cve/CVE-2019-17014"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-17014"
    },
    {
      "cve": "CVE-2019-17016",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-17016"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When pasting a \u0026lt;style\u0026gt; tag from the clipboard into a rich text editor, the CSS sanitizer incorrectly rewrites a @namespace rule. This could allow for injection into certain types of websites resulting in data exfiltration. This vulnerability affects Firefox ESR \u003c 68.4 and Firefox \u003c 72.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-17016",
          "url": "https://www.suse.com/security/cve/CVE-2019-17016"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1160305 for CVE-2019-17016",
          "url": "https://bugzilla.suse.com/1160305"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-17016"
    },
    {
      "cve": "CVE-2019-17017",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-17017"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Due to a missing case handling object types, a type confusion vulnerability could occur, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Firefox ESR \u003c 68.4 and Firefox \u003c 72.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-17017",
          "url": "https://www.suse.com/security/cve/CVE-2019-17017"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1160305 for CVE-2019-17017",
          "url": "https://bugzilla.suse.com/1160305"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-17017"
    },
    {
      "cve": "CVE-2019-17020",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-17020"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If an XML file is served with a Content Security Policy and the XML file includes an XSL stylesheet, the Content Security Policy will not be applied to the contents of the XSL stylesheet. If the XSL sheet e.g. includes JavaScript, it would bypass any of the restrictions of the Content Security Policy applied to the XML document. This vulnerability affects Firefox \u003c 72.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-17020",
          "url": "https://www.suse.com/security/cve/CVE-2019-17020"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1160305 for CVE-2019-17020",
          "url": "https://bugzilla.suse.com/1160305"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-17020"
    },
    {
      "cve": "CVE-2019-17022",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-17022"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When pasting a \u0026lt;style\u0026gt; tag from the clipboard into a rich text editor, the CSS sanitizer does not escape \u0026lt; and \u0026gt; characters. Because the resulting string is pasted directly into the text node of the element this does not result in a direct injection into the webpage; however, if a webpage subsequently copies the node\u0027s innerHTML, assigning it to another innerHTML, this would result in an XSS vulnerability. Two WYSIWYG editors were identified with this behavior, more may exist. This vulnerability affects Firefox ESR \u003c 68.4 and Firefox \u003c 72.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-17022",
          "url": "https://www.suse.com/security/cve/CVE-2019-17022"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1160305 for CVE-2019-17022",
          "url": "https://bugzilla.suse.com/1160305"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-17022"
    },
    {
      "cve": "CVE-2019-17023",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-17023"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "After a HelloRetryRequest has been sent, the client may negotiate a lower protocol that TLS 1.3, resulting in an invalid state transition in the TLS State Machine. If the client gets into this state, incoming Application Data records will be ignored. This vulnerability affects Firefox \u003c 72.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-17023",
          "url": "https://www.suse.com/security/cve/CVE-2019-17023"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1160305 for CVE-2019-17023",
          "url": "https://bugzilla.suse.com/1160305"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-17023"
    },
    {
      "cve": "CVE-2019-17024",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-17024"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers reported memory safety bugs present in Firefox 71 and Firefox ESR 68.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR \u003c 68.4 and Firefox \u003c 72.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-17024",
          "url": "https://www.suse.com/security/cve/CVE-2019-17024"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1160305 for CVE-2019-17024",
          "url": "https://bugzilla.suse.com/1160305"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-17024"
    },
    {
      "cve": "CVE-2019-17025",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-17025"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers reported memory safety bugs present in Firefox 71. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 72.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-17025",
          "url": "https://www.suse.com/security/cve/CVE-2019-17025"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1160305 for CVE-2019-17025",
          "url": "https://bugzilla.suse.com/1160305"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-17025"
    },
    {
      "cve": "CVE-2019-17026",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-17026"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR \u003c 68.4.1, Thunderbird \u003c 68.4.1, and Firefox \u003c 72.0.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-17026",
          "url": "https://www.suse.com/security/cve/CVE-2019-17026"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1160498 for CVE-2019-17026",
          "url": "https://bugzilla.suse.com/1160498"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-17026"
    },
    {
      "cve": "CVE-2019-20503",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-20503"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "usrsctp before 2019-12-20 has out-of-bounds reads in sctp_load_addresses_from_init.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-20503",
          "url": "https://www.suse.com/security/cve/CVE-2019-20503"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1166238 for CVE-2019-20503",
          "url": "https://bugzilla.suse.com/1166238"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1167090 for CVE-2019-20503",
          "url": "https://bugzilla.suse.com/1167090"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-20503"
    },
    {
      "cve": "CVE-2019-5785",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-5785"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Incorrect convexity calculations in Skia in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-5785",
          "url": "https://www.suse.com/security/cve/CVE-2019-5785"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1125330 for CVE-2019-5785",
          "url": "https://bugzilla.suse.com/1125330"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1125396 for CVE-2019-5785",
          "url": "https://bugzilla.suse.com/1125396"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-5785"
    },
    {
      "cve": "CVE-2019-5849",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-5849"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Out of bounds read in Skia in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-5849",
          "url": "https://www.suse.com/security/cve/CVE-2019-5849"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149321 for CVE-2019-5849",
          "url": "https://bugzilla.suse.com/1149321"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149324 for CVE-2019-5849",
          "url": "https://bugzilla.suse.com/1149324"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-5849"
    },
    {
      "cve": "CVE-2019-7317",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-7317"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-7317",
          "url": "https://www.suse.com/security/cve/CVE-2019-7317"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1124211 for CVE-2019-7317",
          "url": "https://bugzilla.suse.com/1124211"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1135824 for CVE-2019-7317",
          "url": "https://bugzilla.suse.com/1135824"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1141780 for CVE-2019-7317",
          "url": "https://bugzilla.suse.com/1141780"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1147021 for CVE-2019-7317",
          "url": "https://bugzilla.suse.com/1147021"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1165297 for CVE-2019-7317",
          "url": "https://bugzilla.suse.com/1165297"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2019-7317"
    },
    {
      "cve": "CVE-2019-9788",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-9788"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers and community members reported memory safety bugs present in Firefox 65, Firefox ESR 60.5, and Thunderbird 60.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 60.6, Firefox ESR \u003c 60.6, and Firefox \u003c 66.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-9788",
          "url": "https://www.suse.com/security/cve/CVE-2019-9788"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1129821 for CVE-2019-9788",
          "url": "https://bugzilla.suse.com/1129821"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-9788"
    },
    {
      "cve": "CVE-2019-9789",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-9789"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers and community members reported memory safety bugs present in Firefox 65. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 66.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-9789",
          "url": "https://www.suse.com/security/cve/CVE-2019-9789"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1129821 for CVE-2019-9789",
          "url": "https://bugzilla.suse.com/1129821"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-9789"
    },
    {
      "cve": "CVE-2019-9790",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-9790"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability can occur when a raw pointer to a DOM element on a page is obtained using JavaScript and the element is then removed while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 60.6, Firefox ESR \u003c 60.6, and Firefox \u003c 66.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-9790",
          "url": "https://www.suse.com/security/cve/CVE-2019-9790"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1129821 for CVE-2019-9790",
          "url": "https://bugzilla.suse.com/1129821"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-9790"
    },
    {
      "cve": "CVE-2019-9791",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-9791"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The type inference system allows the compilation of functions that can cause type confusions between arbitrary objects when compiled through the IonMonkey just-in-time (JIT) compiler and when the constructor function is entered through on-stack replacement (OSR). This allows for possible arbitrary reading and writing of objects during an exploitable crash. This vulnerability affects Thunderbird \u003c 60.6, Firefox ESR \u003c 60.6, and Firefox \u003c 66.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-9791",
          "url": "https://www.suse.com/security/cve/CVE-2019-9791"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1129821 for CVE-2019-9791",
          "url": "https://bugzilla.suse.com/1129821"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-9791"
    },
    {
      "cve": "CVE-2019-9792",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-9792"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The IonMonkey just-in-time (JIT) compiler can leak an internal JS_OPTIMIZED_OUT magic value to the running script during a bailout. This magic value can then be used by JavaScript to achieve memory corruption, which results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 60.6, Firefox ESR \u003c 60.6, and Firefox \u003c 66.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-9792",
          "url": "https://www.suse.com/security/cve/CVE-2019-9792"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1129821 for CVE-2019-9792",
          "url": "https://bugzilla.suse.com/1129821"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-9792"
    },
    {
      "cve": "CVE-2019-9793",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-9793"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A mechanism was discovered that removes some bounds checking for string, array, or typed array accesses if Spectre mitigations have been disabled. This vulnerability could allow an attacker to create an arbitrary value in compiled JavaScript, for which the range analysis will infer a fully controlled, incorrect range in circumstances where users have explicitly disabled Spectre mitigations. *Note: Spectre mitigations are currently enabled for all users by default settings.*. This vulnerability affects Thunderbird \u003c 60.6, Firefox ESR \u003c 60.6, and Firefox \u003c 66.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-9793",
          "url": "https://www.suse.com/security/cve/CVE-2019-9793"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1129821 for CVE-2019-9793",
          "url": "https://bugzilla.suse.com/1129821"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-9793"
    },
    {
      "cve": "CVE-2019-9794",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-9794"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability was discovered where specific command line arguments are not properly discarded during Firefox invocation as a shell handler for URLs. This could be used to retrieve and execute files whose location is supplied through these command line arguments if Firefox is configured as the default URI handler for a given URI scheme in third party applications and these applications insufficiently sanitize URL data. *Note: This issue only affects Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Thunderbird \u003c 60.6, Firefox ESR \u003c 60.6, and Firefox \u003c 66.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-9794",
          "url": "https://www.suse.com/security/cve/CVE-2019-9794"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1129821 for CVE-2019-9794",
          "url": "https://bugzilla.suse.com/1129821"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-9794"
    },
    {
      "cve": "CVE-2019-9795",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-9795"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability where type-confusion in the IonMonkey just-in-time (JIT) compiler could potentially be used by malicious JavaScript to trigger a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 60.6, Firefox ESR \u003c 60.6, and Firefox \u003c 66.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-9795",
          "url": "https://www.suse.com/security/cve/CVE-2019-9795"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1129821 for CVE-2019-9795",
          "url": "https://bugzilla.suse.com/1129821"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-9795"
    },
    {
      "cve": "CVE-2019-9796",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-9796"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability can occur when the SMIL animation controller incorrectly registers with the refresh driver twice when only a single registration is expected. When a registration is later freed with the removal of the animation controller element, the refresh driver incorrectly leaves a dangling pointer to the driver\u0027s observer array. This vulnerability affects Thunderbird \u003c 60.6, Firefox ESR \u003c 60.6, and Firefox \u003c 66.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-9796",
          "url": "https://www.suse.com/security/cve/CVE-2019-9796"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1129821 for CVE-2019-9796",
          "url": "https://bugzilla.suse.com/1129821"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-9796"
    },
    {
      "cve": "CVE-2019-9797",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-9797"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Cross-origin images can be read in violation of the same-origin policy by exporting an image after using createImageBitmap to read the image and then rendering the resulting bitmap image within a canvas element. This vulnerability affects Firefox \u003c 66.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-9797",
          "url": "https://www.suse.com/security/cve/CVE-2019-9797"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1129821 for CVE-2019-9797",
          "url": "https://bugzilla.suse.com/1129821"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1135824 for CVE-2019-9797",
          "url": "https://bugzilla.suse.com/1135824"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-9797"
    },
    {
      "cve": "CVE-2019-9798",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-9798"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "On Android systems, Firefox can load a library from APITRACE_LIB, which is writable by all users and applications. This could allow malicious third party applications to execute a man-in-the-middle attack if a malicious code was written to that location and loaded. *Note: This issue only affects Android. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 66.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-9798",
          "url": "https://www.suse.com/security/cve/CVE-2019-9798"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-9798"
    },
    {
      "cve": "CVE-2019-9799",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-9799"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Insufficient bounds checking of data during inter-process communication might allow a compromised content process to be able to read memory from the parent process under certain conditions. This vulnerability affects Firefox \u003c 66.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-9799",
          "url": "https://www.suse.com/security/cve/CVE-2019-9799"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1129821 for CVE-2019-9799",
          "url": "https://bugzilla.suse.com/1129821"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-9799"
    },
    {
      "cve": "CVE-2019-9800",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-9800"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers and community members reported memory safety bugs present in Firefox 66, Firefox ESR 60.6, and Thunderbird 60.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 60.7, Firefox \u003c 67, and Firefox ESR \u003c 60.7.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-9800",
          "url": "https://www.suse.com/security/cve/CVE-2019-9800"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1135824 for CVE-2019-9800",
          "url": "https://bugzilla.suse.com/1135824"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-9800"
    },
    {
      "cve": "CVE-2019-9801",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-9801"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Firefox will accept any registered Program ID as an external protocol handler and offer to launch this local application when given a matching URL on Windows operating systems. This should only happen if the program has specifically registered itself as a \"URL Handler\" in the Windows registry. *Note: This issue only affects Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Thunderbird \u003c 60.6, Firefox ESR \u003c 60.6, and Firefox \u003c 66.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-9801",
          "url": "https://www.suse.com/security/cve/CVE-2019-9801"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-9801"
    },
    {
      "cve": "CVE-2019-9802",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-9802"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If a Sandbox content process is compromised, it can initiate an FTP download which will then use a child process to render the downloaded data. The downloaded data can then be passed to the Chrome process with an arbitrary file length supplied by an attacker, bypassing sandbox protections and allow for a potential memory read of adjacent data from the privileged Chrome process, which may include sensitive data. This vulnerability affects Firefox \u003c 66.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-9802",
          "url": "https://www.suse.com/security/cve/CVE-2019-9802"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1129821 for CVE-2019-9802",
          "url": "https://bugzilla.suse.com/1129821"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-9802"
    },
    {
      "cve": "CVE-2019-9803",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-9803"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Upgrade-Insecure-Requests (UIR) specification states that if UIR is enabled through Content Security Policy (CSP), navigation to a same-origin URL must be upgraded to HTTPS. Firefox will incorrectly navigate to an HTTP URL rather than perform the security upgrade requested by the CSP in some circumstances, allowing for potential man-in-the-middle attacks on the linked resources. This vulnerability affects Firefox \u003c 66.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-9803",
          "url": "https://www.suse.com/security/cve/CVE-2019-9803"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1129821 for CVE-2019-9803",
          "url": "https://bugzilla.suse.com/1129821"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-9803"
    },
    {
      "cve": "CVE-2019-9804",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-9804"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In Firefox Developer Tools it is possible that pasting the result of the \u0027Copy as cURL\u0027 command into a command shell on macOS will cause the execution of unintended additional bash script commands if the URL was maliciously crafted. This is the result of an issue with the native version of Bash on macOS. *Note: This issue only affects macOS. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 66.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-9804",
          "url": "https://www.suse.com/security/cve/CVE-2019-9804"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-9804"
    },
    {
      "cve": "CVE-2019-9805",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-9805"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A latent vulnerability exists in the Prio library where data may be read from uninitialized memory for some functions, leading to potential memory corruption. This vulnerability affects Firefox \u003c 66.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-9805",
          "url": "https://www.suse.com/security/cve/CVE-2019-9805"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1129821 for CVE-2019-9805",
          "url": "https://bugzilla.suse.com/1129821"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-9805"
    },
    {
      "cve": "CVE-2019-9806",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-9806"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability exists during authorization prompting for FTP transaction where successive modal prompts are displayed and cannot be immediately dismissed. This allows for a denial of service (DOS) attack. This vulnerability affects Firefox \u003c 66.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-9806",
          "url": "https://www.suse.com/security/cve/CVE-2019-9806"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1129821 for CVE-2019-9806",
          "url": "https://bugzilla.suse.com/1129821"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-9806"
    },
    {
      "cve": "CVE-2019-9807",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-9807"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When arbitrary text is sent over an FTP connection and a page reload is initiated, it is possible to create a modal alert message with this text as the content. This could potentially be used for social engineering attacks. This vulnerability affects Firefox \u003c 66.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-9807",
          "url": "https://www.suse.com/security/cve/CVE-2019-9807"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1129821 for CVE-2019-9807",
          "url": "https://bugzilla.suse.com/1129821"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-9807"
    },
    {
      "cve": "CVE-2019-9808",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-9808"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If WebRTC permission is requested from documents with data: or blob: URLs, the permission notifications do not properly display the originating domain. The notification states \"Unknown origin\" as the requestee, leading to user confusion about which site is asking for this permission. This vulnerability affects Firefox \u003c 66.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-9808",
          "url": "https://www.suse.com/security/cve/CVE-2019-9808"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1129821 for CVE-2019-9808",
          "url": "https://bugzilla.suse.com/1129821"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-9808"
    },
    {
      "cve": "CVE-2019-9809",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-9809"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If the source for resources on a page is through an FTP connection, it is possible to trigger a series of modal alert messages for these resources through invalid credentials or locations. These messages cannot be immediately dismissed, allowing for a denial of service (DOS) attack. This vulnerability affects Firefox \u003c 66.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-9809",
          "url": "https://www.suse.com/security/cve/CVE-2019-9809"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1129821 for CVE-2019-9809",
          "url": "https://bugzilla.suse.com/1129821"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-9809"
    },
    {
      "cve": "CVE-2019-9810",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-9810"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check and a buffer overflow. This vulnerability affects Firefox \u003c 66.0.1, Firefox ESR \u003c 60.6.1, and Thunderbird \u003c 60.6.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-9810",
          "url": "https://www.suse.com/security/cve/CVE-2019-9810"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1129821 for CVE-2019-9810",
          "url": "https://bugzilla.suse.com/1129821"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1130262 for CVE-2019-9810",
          "url": "https://bugzilla.suse.com/1130262"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-9810"
    },
    {
      "cve": "CVE-2019-9811",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-9811"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "As part of a winning Pwn2Own entry, a researcher demonstrated a sandbox escape by installing a malicious language pack and then opening a browser feature that used the compromised translation. This vulnerability affects Firefox ESR \u003c 60.8, Firefox \u003c 68, and Thunderbird \u003c 60.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-9811",
          "url": "https://www.suse.com/security/cve/CVE-2019-9811"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1140868 for CVE-2019-9811",
          "url": "https://bugzilla.suse.com/1140868"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-9811"
    },
    {
      "cve": "CVE-2019-9812",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-9812"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Given a compromised sandboxed content process due to a separate vulnerability, it is possible to escape that sandbox by loading accounts.firefox.com in that process and forcing a log-in to a malicious Firefox Sync account. Preference settings that disable the sandbox are then synchronized to the local machine and the compromised browser would restart without the sandbox if a crash is triggered. This vulnerability affects Firefox ESR \u003c 60.9, Firefox ESR \u003c 68.1, and Firefox \u003c 69.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-9812",
          "url": "https://www.suse.com/security/cve/CVE-2019-9812"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149294 for CVE-2019-9812",
          "url": "https://bugzilla.suse.com/1149294"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149323 for CVE-2019-9812",
          "url": "https://bugzilla.suse.com/1149323"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149324 for CVE-2019-9812",
          "url": "https://bugzilla.suse.com/1149324"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-9812"
    },
    {
      "cve": "CVE-2019-9813",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-9813"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Incorrect handling of __proto__ mutations may lead to type confusion in IonMonkey JIT code and can be leveraged for arbitrary memory read and write. This vulnerability affects Firefox \u003c 66.0.1, Firefox ESR \u003c 60.6.1, and Thunderbird \u003c 60.6.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-9813",
          "url": "https://www.suse.com/security/cve/CVE-2019-9813"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1129821 for CVE-2019-9813",
          "url": "https://bugzilla.suse.com/1129821"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1130262 for CVE-2019-9813",
          "url": "https://bugzilla.suse.com/1130262"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-9813"
    },
    {
      "cve": "CVE-2019-9814",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-9814"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers and community members reported memory safety bugs present in Firefox 66. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 67.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-9814",
          "url": "https://www.suse.com/security/cve/CVE-2019-9814"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1135824 for CVE-2019-9814",
          "url": "https://bugzilla.suse.com/1135824"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-9814"
    },
    {
      "cve": "CVE-2019-9815",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-9815"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If hyperthreading is not disabled, a timing attack vulnerability exists, similar to previous Spectre attacks. Apple has shipped macOS 10.14.5 with an option to disable hyperthreading in applications running untrusted code in a thread through a new sysctl. Firefox now makes use of it on the main thread and any worker threads. *Note: users need to update to macOS 10.14.5 in order to take advantage of this change.*. This vulnerability affects Thunderbird \u003c 60.7, Firefox \u003c 67, and Firefox ESR \u003c 60.7.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-9815",
          "url": "https://www.suse.com/security/cve/CVE-2019-9815"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1135824 for CVE-2019-9815",
          "url": "https://bugzilla.suse.com/1135824"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-9815"
    },
    {
      "cve": "CVE-2019-9816",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-9816"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A possible vulnerability exists where type confusion can occur when manipulating JavaScript objects in object groups, allowing for the bypassing of security checks within these groups. *Note: this vulnerability has only been demonstrated with UnboxedObjects, which are disabled by default on all supported releases.*. This vulnerability affects Thunderbird \u003c 60.7, Firefox \u003c 67, and Firefox ESR \u003c 60.7.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-9816",
          "url": "https://www.suse.com/security/cve/CVE-2019-9816"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1135824 for CVE-2019-9816",
          "url": "https://bugzilla.suse.com/1135824"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-9816"
    },
    {
      "cve": "CVE-2019-9817",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-9817"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Images from a different domain can be read using a canvas object in some circumstances. This could be used to steal image data from a different site in violation of same-origin policy. This vulnerability affects Thunderbird \u003c 60.7, Firefox \u003c 67, and Firefox ESR \u003c 60.7.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-9817",
          "url": "https://www.suse.com/security/cve/CVE-2019-9817"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1135824 for CVE-2019-9817",
          "url": "https://bugzilla.suse.com/1135824"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-9817"
    },
    {
      "cve": "CVE-2019-9818",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-9818"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A race condition is present in the crash generation server used to generate data for the crash reporter. This issue can lead to a use-after-free in the main process, resulting in a potentially exploitable crash and a sandbox escape. *Note: this vulnerability only affects Windows. Other operating systems are unaffected.*. This vulnerability affects Thunderbird \u003c 60.7, Firefox \u003c 67, and Firefox ESR \u003c 60.7.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-9818",
          "url": "https://www.suse.com/security/cve/CVE-2019-9818"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1135824 for CVE-2019-9818",
          "url": "https://bugzilla.suse.com/1135824"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-9818"
    },
    {
      "cve": "CVE-2019-9819",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-9819"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability where a JavaScript compartment mismatch can occur while working with the fetch API, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 60.7, Firefox \u003c 67, and Firefox ESR \u003c 60.7.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-9819",
          "url": "https://www.suse.com/security/cve/CVE-2019-9819"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1135824 for CVE-2019-9819",
          "url": "https://bugzilla.suse.com/1135824"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-9819"
    },
    {
      "cve": "CVE-2019-9820",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-9820"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability can occur in the chrome event handler when it is freed while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 60.7, Firefox \u003c 67, and Firefox ESR \u003c 60.7.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-9820",
          "url": "https://www.suse.com/security/cve/CVE-2019-9820"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1135824 for CVE-2019-9820",
          "url": "https://bugzilla.suse.com/1135824"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-9820"
    },
    {
      "cve": "CVE-2019-9821",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-9821"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability can occur in AssertWorkerThread due to a race condition with shared workers. This results in a potentially exploitable crash. This vulnerability affects Firefox \u003c 67.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-9821",
          "url": "https://www.suse.com/security/cve/CVE-2019-9821"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1135824 for CVE-2019-9821",
          "url": "https://bugzilla.suse.com/1135824"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-9821"
    },
    {
      "cve": "CVE-2020-12387",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-12387"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A race condition when running shutdown code for Web Worker led to a use-after-free vulnerability. This resulted in a potentially exploitable crash. This vulnerability affects Firefox ESR \u003c 68.8, Firefox \u003c 76, and Thunderbird \u003c 68.8.0.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-12387",
          "url": "https://www.suse.com/security/cve/CVE-2020-12387"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1171186 for CVE-2020-12387",
          "url": "https://bugzilla.suse.com/1171186"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-12387"
    },
    {
      "cve": "CVE-2020-12388",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-12388"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. *Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox ESR \u003c 68.8 and Firefox \u003c 76.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-12388",
          "url": "https://www.suse.com/security/cve/CVE-2020-12388"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1171186 for CVE-2020-12388",
          "url": "https://bugzilla.suse.com/1171186"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-12388"
    },
    {
      "cve": "CVE-2020-12389",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-12389"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. *Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox ESR \u003c 68.8 and Firefox \u003c 76.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-12389",
          "url": "https://www.suse.com/security/cve/CVE-2020-12389"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1171186 for CVE-2020-12389",
          "url": "https://bugzilla.suse.com/1171186"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-12389"
    },
    {
      "cve": "CVE-2020-12390",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-12390"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Incorrect origin serialization of URLs with IPv6 addresses could lead to incorrect security checks. This vulnerability affects Firefox \u003c 76.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-12390",
          "url": "https://www.suse.com/security/cve/CVE-2020-12390"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1171186 for CVE-2020-12390",
          "url": "https://bugzilla.suse.com/1171186"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-12390"
    },
    {
      "cve": "CVE-2020-12391",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-12391"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Documents formed using data: URLs in an OBJECT element failed to inherit the CSP of the creating context. This allowed the execution of scripts that should have been blocked, albeit with a unique opaque origin. This vulnerability affects Firefox \u003c 76.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-12391",
          "url": "https://www.suse.com/security/cve/CVE-2020-12391"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1171186 for CVE-2020-12391",
          "url": "https://bugzilla.suse.com/1171186"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-12391"
    },
    {
      "cve": "CVE-2020-12392",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-12392"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The \u0027Copy as cURL\u0027 feature of Devtools\u0027 network tab did not properly escape the HTTP POST data of a request, which can be controlled by the website. If a user used the \u0027Copy as cURL\u0027 feature and pasted the command into a terminal, it could have resulted in the disclosure of local files. This vulnerability affects Firefox ESR \u003c 68.8, Firefox \u003c 76, and Thunderbird \u003c 68.8.0.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-12392",
          "url": "https://www.suse.com/security/cve/CVE-2020-12392"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1171186 for CVE-2020-12392",
          "url": "https://bugzilla.suse.com/1171186"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-12392"
    },
    {
      "cve": "CVE-2020-12393",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-12393"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The \u0027Copy as cURL\u0027 feature of Devtools\u0027 network tab did not properly escape the HTTP method of a request, which can be controlled by the website. If a user used the \u0027Copy as cURL\u0027 feature and pasted the command into a terminal, it could have resulted in command injection and arbitrary command execution. *Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox ESR \u003c 68.8, Firefox \u003c 76, and Thunderbird \u003c 68.8.0.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-12393",
          "url": "https://www.suse.com/security/cve/CVE-2020-12393"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1171186 for CVE-2020-12393",
          "url": "https://bugzilla.suse.com/1171186"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-12393"
    },
    {
      "cve": "CVE-2020-12394",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-12394"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A logic flaw in our location bar implementation could have allowed a local attacker to spoof the current location by selecting a different origin and removing focus from the input element. This vulnerability affects Firefox \u003c 76.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-12394",
          "url": "https://www.suse.com/security/cve/CVE-2020-12394"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1171186 for CVE-2020-12394",
          "url": "https://bugzilla.suse.com/1171186"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-12394"
    },
    {
      "cve": "CVE-2020-12395",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-12395"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers and community members reported memory safety bugs present in Firefox 75 and Firefox ESR 68.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR \u003c 68.8, Firefox \u003c 76, and Thunderbird \u003c 68.8.0.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-12395",
          "url": "https://www.suse.com/security/cve/CVE-2020-12395"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1171186 for CVE-2020-12395",
          "url": "https://bugzilla.suse.com/1171186"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-12395"
    },
    {
      "cve": "CVE-2020-12396",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-12396"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers and community members reported memory safety bugs present in Firefox 75. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 76.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-12396",
          "url": "https://www.suse.com/security/cve/CVE-2020-12396"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1171186 for CVE-2020-12396",
          "url": "https://bugzilla.suse.com/1171186"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-12396"
    },
    {
      "cve": "CVE-2020-12399",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-12399"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys. This vulnerability affects Thunderbird \u003c 68.9.0, Firefox \u003c 77, and Firefox ESR \u003c 68.9.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-12399",
          "url": "https://www.suse.com/security/cve/CVE-2020-12399"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1171978 for CVE-2020-12399",
          "url": "https://bugzilla.suse.com/1171978"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1172402 for CVE-2020-12399",
          "url": "https://bugzilla.suse.com/1172402"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2020-12399"
    },
    {
      "cve": "CVE-2020-12400",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-12400"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When converting coordinates from projective to affine, the modular inversion was not performed in constant time, resulting in a possible timing-based side channel attack. This vulnerability affects Firefox \u003c 80 and Firefox for Android \u003c 80.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-12400",
          "url": "https://www.suse.com/security/cve/CVE-2020-12400"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1174763 for CVE-2020-12400",
          "url": "https://bugzilla.suse.com/1174763"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1175686 for CVE-2020-12400",
          "url": "https://bugzilla.suse.com/1175686"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2020-12400"
    },
    {
      "cve": "CVE-2020-12401",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-12401"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "During ECDSA signature generation, padding applied in the nonce designed to ensure constant-time scalar multiplication was removed, resulting in variable-time execution dependent on secret data. This vulnerability affects Firefox \u003c 80 and Firefox for Android \u003c 80.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-12401",
          "url": "https://www.suse.com/security/cve/CVE-2020-12401"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1174763 for CVE-2020-12401",
          "url": "https://bugzilla.suse.com/1174763"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1175686 for CVE-2020-12401",
          "url": "https://bugzilla.suse.com/1175686"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2020-12401"
    },
    {
      "cve": "CVE-2020-12402",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-12402"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly input-dependent flow. This allowed an attacker able to perform electromagnetic-based side channel attacks to record traces leading to the recovery of the secret primes. *Note:* An unmodified Firefox browser does not generate RSA keys in normal operation and is not affected, but products built on top of it might. This vulnerability affects Firefox \u003c 78.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-12402",
          "url": "https://www.suse.com/security/cve/CVE-2020-12402"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1173032 for CVE-2020-12402",
          "url": "https://bugzilla.suse.com/1173032"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1173576 for CVE-2020-12402",
          "url": "https://bugzilla.suse.com/1173576"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1174230 for CVE-2020-12402",
          "url": "https://bugzilla.suse.com/1174230"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2020-12402"
    },
    {
      "cve": "CVE-2020-12405",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-12405"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When browsing a malicious page, a race condition in our SharedWorkerService could occur and lead to a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 68.9.0, Firefox \u003c 77, and Firefox ESR \u003c 68.9.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-12405",
          "url": "https://www.suse.com/security/cve/CVE-2020-12405"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1172402 for CVE-2020-12405",
          "url": "https://bugzilla.suse.com/1172402"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-12405"
    },
    {
      "cve": "CVE-2020-12406",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-12406"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Developer Iain Ireland discovered a missing type check during unboxed objects removal, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 68.9.0, Firefox \u003c 77, and Firefox ESR \u003c 68.9.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-12406",
          "url": "https://www.suse.com/security/cve/CVE-2020-12406"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1172402 for CVE-2020-12406",
          "url": "https://bugzilla.suse.com/1172402"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-12406"
    },
    {
      "cve": "CVE-2020-12407",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-12407"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Developer Nicolas Silva found that when using WebRender, Firefox would under certain conditions leak arbitrary GPU memory to the visible screen. The leaked memory content was visible to the user, but not observable from web content. This vulnerability affects Firefox \u003c 77.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-12407",
          "url": "https://www.suse.com/security/cve/CVE-2020-12407"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1172402 for CVE-2020-12407",
          "url": "https://bugzilla.suse.com/1172402"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-12407"
    },
    {
      "cve": "CVE-2020-12408",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-12408"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When browsing a document hosted on an IP address, an attacker could insert certain characters to flip domain and path information in the address bar. This vulnerability affects Firefox \u003c 77.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-12408",
          "url": "https://www.suse.com/security/cve/CVE-2020-12408"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1172402 for CVE-2020-12408",
          "url": "https://bugzilla.suse.com/1172402"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-12408"
    },
    {
      "cve": "CVE-2020-12409",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-12409"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When using certain blank characters in a URL, they where incorrectly rendered as spaces instead of an encoded URL. This vulnerability affects Firefox \u003c 77.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-12409",
          "url": "https://www.suse.com/security/cve/CVE-2020-12409"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1172402 for CVE-2020-12409",
          "url": "https://bugzilla.suse.com/1172402"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-12409"
    },
    {
      "cve": "CVE-2020-12411",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-12411"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers reported memory safety bugs present in Firefox 76. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 77.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-12411",
          "url": "https://www.suse.com/security/cve/CVE-2020-12411"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1172402 for CVE-2020-12411",
          "url": "https://bugzilla.suse.com/1172402"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-12411"
    },
    {
      "cve": "CVE-2020-12415",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-12415"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When \"%2F\" was present in a manifest URL, Firefox\u0027s AppCache behavior may have become confused and allowed a manifest to be served from a subdirectory. This could cause the appcache to be used to service requests for the top level directory. This vulnerability affects Firefox \u003c 78.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-12415",
          "url": "https://www.suse.com/security/cve/CVE-2020-12415"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1173576 for CVE-2020-12415",
          "url": "https://bugzilla.suse.com/1173576"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1174230 for CVE-2020-12415",
          "url": "https://bugzilla.suse.com/1174230"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-12415"
    },
    {
      "cve": "CVE-2020-12416",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-12416"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A VideoStreamEncoder may have been freed in a race condition with VideoBroadcaster::AddOrUpdateSink, resulting in a use-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox \u003c 78.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-12416",
          "url": "https://www.suse.com/security/cve/CVE-2020-12416"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1173576 for CVE-2020-12416",
          "url": "https://bugzilla.suse.com/1173576"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1174230 for CVE-2020-12416",
          "url": "https://bugzilla.suse.com/1174230"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-12416"
    },
    {
      "cve": "CVE-2020-12417",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-12417"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Due to confusion about ValueTags on JavaScript Objects, an object may pass through the type barrier, resulting in memory corruption and a potentially exploitable crash. *Note: this issue only affects Firefox on ARM64 platforms.* This vulnerability affects Firefox ESR \u003c 68.10, Firefox \u003c 78, and Thunderbird \u003c 68.10.0.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-12417",
          "url": "https://www.suse.com/security/cve/CVE-2020-12417"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1173576 for CVE-2020-12417",
          "url": "https://bugzilla.suse.com/1173576"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1174230 for CVE-2020-12417",
          "url": "https://bugzilla.suse.com/1174230"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-12417"
    },
    {
      "cve": "CVE-2020-12418",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-12418"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Manipulating individual parts of a URL object could have caused an out-of-bounds read, leaking process memory to malicious JavaScript. This vulnerability affects Firefox ESR \u003c 68.10, Firefox \u003c 78, and Thunderbird \u003c 68.10.0.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-12418",
          "url": "https://www.suse.com/security/cve/CVE-2020-12418"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1173576 for CVE-2020-12418",
          "url": "https://bugzilla.suse.com/1173576"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1174230 for CVE-2020-12418",
          "url": "https://bugzilla.suse.com/1174230"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-12418"
    },
    {
      "cve": "CVE-2020-12419",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-12419"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When processing callbacks that occurred during window flushing in the parent process, the associated window may die; causing a use-after-free condition. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR \u003c 68.10, Firefox \u003c 78, and Thunderbird \u003c 68.10.0.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-12419",
          "url": "https://www.suse.com/security/cve/CVE-2020-12419"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1173576 for CVE-2020-12419",
          "url": "https://bugzilla.suse.com/1173576"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1174230 for CVE-2020-12419",
          "url": "https://bugzilla.suse.com/1174230"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-12419"
    },
    {
      "cve": "CVE-2020-12420",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-12420"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When trying to connect to a STUN server, a race condition could have caused a use-after-free of a pointer, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR \u003c 68.10, Firefox \u003c 78, and Thunderbird \u003c 68.10.0.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-12420",
          "url": "https://www.suse.com/security/cve/CVE-2020-12420"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1173576 for CVE-2020-12420",
          "url": "https://bugzilla.suse.com/1173576"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1174230 for CVE-2020-12420",
          "url": "https://bugzilla.suse.com/1174230"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-12420"
    },
    {
      "cve": "CVE-2020-12421",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-12421"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When performing add-on updates, certificate chains terminating in non-built-in-roots were rejected (even if they were legitimately added by an administrator.) This could have caused add-ons to become out-of-date silently without notification to the user. This vulnerability affects Firefox ESR \u003c 68.10, Firefox \u003c 78, and Thunderbird \u003c 68.10.0.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-12421",
          "url": "https://www.suse.com/security/cve/CVE-2020-12421"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1173576 for CVE-2020-12421",
          "url": "https://bugzilla.suse.com/1173576"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1174230 for CVE-2020-12421",
          "url": "https://bugzilla.suse.com/1174230"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-12421"
    },
    {
      "cve": "CVE-2020-12422",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-12422"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In non-standard configurations, a JPEG image created by JavaScript could have caused an internal variable to overflow, resulting in an out of bounds write, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox \u003c 78.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-12422",
          "url": "https://www.suse.com/security/cve/CVE-2020-12422"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1173576 for CVE-2020-12422",
          "url": "https://bugzilla.suse.com/1173576"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1174230 for CVE-2020-12422",
          "url": "https://bugzilla.suse.com/1174230"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-12422"
    },
    {
      "cve": "CVE-2020-12423",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-12423"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When the Windows DLL \"webauthn.dll\" was missing from the Operating System, and a malicious one was placed in a folder in the user\u0027s %PATH%, Firefox may have loaded the DLL, leading to arbitrary code execution. *Note: This issue only affects the Windows operating system; other operating systems are unaffected.* This vulnerability affects Firefox \u003c 78.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-12423",
          "url": "https://www.suse.com/security/cve/CVE-2020-12423"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1173576 for CVE-2020-12423",
          "url": "https://bugzilla.suse.com/1173576"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1174230 for CVE-2020-12423",
          "url": "https://bugzilla.suse.com/1174230"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-12423"
    },
    {
      "cve": "CVE-2020-12424",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-12424"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When constructing a permission prompt for WebRTC, a URI was supplied from the content process. This URI was untrusted, and could have been the URI of an origin that was previously granted permission; bypassing the prompt. This vulnerability affects Firefox \u003c 78.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-12424",
          "url": "https://www.suse.com/security/cve/CVE-2020-12424"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1173576 for CVE-2020-12424",
          "url": "https://bugzilla.suse.com/1173576"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1174230 for CVE-2020-12424",
          "url": "https://bugzilla.suse.com/1174230"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-12424"
    },
    {
      "cve": "CVE-2020-12425",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-12425"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Due to confusion processing a hyphen character in Date.parse(), a one-byte out of bounds read could have occurred, leading to potential information disclosure. This vulnerability affects Firefox \u003c 78.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-12425",
          "url": "https://www.suse.com/security/cve/CVE-2020-12425"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1173576 for CVE-2020-12425",
          "url": "https://bugzilla.suse.com/1173576"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1174230 for CVE-2020-12425",
          "url": "https://bugzilla.suse.com/1174230"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-12425"
    },
    {
      "cve": "CVE-2020-12426",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-12426"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers and community members reported memory safety bugs present in Firefox 77. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 78.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-12426",
          "url": "https://www.suse.com/security/cve/CVE-2020-12426"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1173576 for CVE-2020-12426",
          "url": "https://bugzilla.suse.com/1173576"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1174230 for CVE-2020-12426",
          "url": "https://bugzilla.suse.com/1174230"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-12426"
    },
    {
      "cve": "CVE-2020-15254",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-15254"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Crossbeam is a set of tools for concurrent programming. In crossbeam-channel before version 0.4.4, the bounded channel incorrectly assumes that `Vec::from_iter` has allocated capacity that same as the number of iterator elements. `Vec::from_iter` does not actually guarantee that and may allocate extra memory. The destructor of the `bounded` channel reconstructs `Vec` from the raw pointer based on the incorrect assumes described above. This is unsound and causing deallocation with the incorrect capacity when `Vec::from_iter` has allocated different sizes with the number of iterator elements. This has been fixed in crossbeam-channel 0.4.4.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-15254",
          "url": "https://www.suse.com/security/cve/CVE-2020-15254"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1177872 for CVE-2020-15254",
          "url": "https://bugzilla.suse.com/1177872"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2020-15254"
    },
    {
      "cve": "CVE-2020-15652",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-15652"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. This applied only to content that can be parsed as script. This vulnerability affects Firefox \u003c 79, Firefox ESR \u003c 68.11, Firefox ESR \u003c 78.1, Thunderbird \u003c 68.11, and Thunderbird \u003c 78.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-15652",
          "url": "https://www.suse.com/security/cve/CVE-2020-15652"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1174538 for CVE-2020-15652",
          "url": "https://bugzilla.suse.com/1174538"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-15652"
    },
    {
      "cve": "CVE-2020-15653",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-15653"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An iframe sandbox element with the allow-popups flag could be bypassed when using noopener links. This could have led to security issues for websites relying on sandbox configurations that allowed popups and hosted arbitrary content. This vulnerability affects Firefox ESR \u003c 78.1, Firefox \u003c 79, and Thunderbird \u003c 78.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-15653",
          "url": "https://www.suse.com/security/cve/CVE-2020-15653"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1174538 for CVE-2020-15653",
          "url": "https://bugzilla.suse.com/1174538"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-15653"
    },
    {
      "cve": "CVE-2020-15654",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-15654"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When in an endless loop, a website specifying a custom cursor using CSS could make it look like the user is interacting with the user interface, when they are not. This could lead to a perceived broken state, especially when interactions with existing browser dialogs and warnings do not work. This vulnerability affects Firefox ESR \u003c 78.1, Firefox \u003c 79, and Thunderbird \u003c 78.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-15654",
          "url": "https://www.suse.com/security/cve/CVE-2020-15654"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1174538 for CVE-2020-15654",
          "url": "https://bugzilla.suse.com/1174538"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-15654"
    },
    {
      "cve": "CVE-2020-15655",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-15655"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A redirected HTTP request which is observed or modified through a web extension could bypass existing CORS checks, leading to potential disclosure of cross-origin information. This vulnerability affects Firefox ESR \u003c 78.1, Firefox \u003c 79, and Thunderbird \u003c 78.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-15655",
          "url": "https://www.suse.com/security/cve/CVE-2020-15655"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1174538 for CVE-2020-15655",
          "url": "https://bugzilla.suse.com/1174538"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-15655"
    },
    {
      "cve": "CVE-2020-15656",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-15656"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "JIT optimizations involving the Javascript arguments object could confuse later optimizations. This risk was already mitigated by various precautions in the code, resulting in this bug rated at only moderate severity. This vulnerability affects Firefox ESR \u003c 78.1, Firefox \u003c 79, and Thunderbird \u003c 78.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-15656",
          "url": "https://www.suse.com/security/cve/CVE-2020-15656"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1174538 for CVE-2020-15656",
          "url": "https://bugzilla.suse.com/1174538"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-15656"
    },
    {
      "cve": "CVE-2020-15657",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-15657"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Firefox could be made to load attacker-supplied DLL files from the installation directory. This required an attacker that is already capable of placing files in the installation directory. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR \u003c 78.1, Firefox \u003c 79, and Thunderbird \u003c 78.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-15657",
          "url": "https://www.suse.com/security/cve/CVE-2020-15657"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1174538 for CVE-2020-15657",
          "url": "https://bugzilla.suse.com/1174538"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-15657"
    },
    {
      "cve": "CVE-2020-15658",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-15658"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The code for downloading files did not properly take care of special characters, which led to an attacker being able to cut off the file ending at an earlier position, leading to a different file type being downloaded than shown in the dialog. This vulnerability affects Firefox ESR \u003c 78.1, Firefox \u003c 79, and Thunderbird \u003c 78.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-15658",
          "url": "https://www.suse.com/security/cve/CVE-2020-15658"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1174538 for CVE-2020-15658",
          "url": "https://bugzilla.suse.com/1174538"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 2.5,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-15658"
    },
    {
      "cve": "CVE-2020-15659",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-15659"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers and community members reported memory safety bugs present in Firefox 78 and Firefox ESR 78.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 79, Firefox ESR \u003c 68.11, Firefox ESR \u003c 78.1, Thunderbird \u003c 68.11, and Thunderbird \u003c 78.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-15659",
          "url": "https://www.suse.com/security/cve/CVE-2020-15659"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1174538 for CVE-2020-15659",
          "url": "https://bugzilla.suse.com/1174538"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-15659"
    },
    {
      "cve": "CVE-2020-15663",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-15663"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If Firefox is installed to a user-writable directory, the Mozilla Maintenance Service would execute updater.exe from the install location with system privileges. Although the Mozilla Maintenance Service does ensure that updater.exe is signed by Mozilla, the version could have been rolled back to a previous version which would have allowed exploitation of an older bug and arbitrary code execution with System Privileges. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 80, Thunderbird \u003c 78.2, Thunderbird \u003c 68.12, Firefox ESR \u003c 68.12, and Firefox ESR \u003c 78.2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-15663",
          "url": "https://www.suse.com/security/cve/CVE-2020-15663"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1175686 for CVE-2020-15663",
          "url": "https://bugzilla.suse.com/1175686"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-15663"
    },
    {
      "cve": "CVE-2020-15664",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-15664"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "By holding a reference to the eval() function from an about:blank window, a malicious webpage could have gained access to the InstallTrigger object which would allow them to prompt the user to install an extension. Combined with user confusion, this could result in an unintended or malicious extension being installed. This vulnerability affects Firefox \u003c 80, Thunderbird \u003c 78.2, Thunderbird \u003c 68.12, Firefox ESR \u003c 68.12, Firefox ESR \u003c 78.2, and Firefox for Android \u003c 80.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-15664",
          "url": "https://www.suse.com/security/cve/CVE-2020-15664"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1175686 for CVE-2020-15664",
          "url": "https://bugzilla.suse.com/1175686"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-15664"
    },
    {
      "cve": "CVE-2020-15665",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-15665"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Firefox did not reset the address bar after the beforeunload dialog was shown if the user chose to remain on the page. This could have resulted in an incorrect URL being shown when used in conjunction with other unexpected browser behaviors. This vulnerability affects Firefox \u003c 80.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-15665",
          "url": "https://www.suse.com/security/cve/CVE-2020-15665"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1175686 for CVE-2020-15665",
          "url": "https://bugzilla.suse.com/1175686"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-15665"
    },
    {
      "cve": "CVE-2020-15666",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-15666"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When trying to load a non-video in an audio/video context the exact status code (200, 302, 404, 500, 412, 403, etc.) was disclosed via the MediaError Message. This level of information leakage is inconsistent with the standardized onerror/onsuccess disclosure and can lead to inferring login status to services or device discovery on a local network among other attacks. This vulnerability affects Firefox \u003c 80 and Firefox for Android \u003c 80.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-15666",
          "url": "https://www.suse.com/security/cve/CVE-2020-15666"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1175686 for CVE-2020-15666",
          "url": "https://bugzilla.suse.com/1175686"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-15666"
    },
    {
      "cve": "CVE-2020-15667",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-15667"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When processing a MAR update file, after the signature has been validated, an invalid name length could result in a heap overflow, leading to memory corruption and potentially arbitrary code execution. Within Firefox as released by Mozilla, this issue is only exploitable with the Mozilla-controlled signing key. This vulnerability affects Firefox \u003c 80.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-15667",
          "url": "https://www.suse.com/security/cve/CVE-2020-15667"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1175686 for CVE-2020-15667",
          "url": "https://bugzilla.suse.com/1175686"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-15667"
    },
    {
      "cve": "CVE-2020-15668",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-15668"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A lock was missing when accessing a data structure and importing certificate information into the trust database. This vulnerability affects Firefox \u003c 80 and Firefox for Android \u003c 80.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-15668",
          "url": "https://www.suse.com/security/cve/CVE-2020-15668"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1175686 for CVE-2020-15668",
          "url": "https://bugzilla.suse.com/1175686"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-15668"
    },
    {
      "cve": "CVE-2020-15670",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-15670"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers reported memory safety bugs present in Firefox for Android 79. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 80, Firefox ESR \u003c 78.2, Thunderbird \u003c 78.2, and Firefox for Android \u003c 80.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-15670",
          "url": "https://www.suse.com/security/cve/CVE-2020-15670"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1175686 for CVE-2020-15670",
          "url": "https://bugzilla.suse.com/1175686"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-15670"
    },
    {
      "cve": "CVE-2020-15673",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-15673"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers reported memory safety bugs present in Firefox 80 and Firefox ESR 78.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 81, Thunderbird \u003c 78.3, and Firefox ESR \u003c 78.3.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-15673",
          "url": "https://www.suse.com/security/cve/CVE-2020-15673"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1176756 for CVE-2020-15673",
          "url": "https://bugzilla.suse.com/1176756"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1176899 for CVE-2020-15673",
          "url": "https://bugzilla.suse.com/1176899"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-15673"
    },
    {
      "cve": "CVE-2020-15674",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-15674"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers reported memory safety bugs present in Firefox 80. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 81.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-15674",
          "url": "https://www.suse.com/security/cve/CVE-2020-15674"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1176756 for CVE-2020-15674",
          "url": "https://bugzilla.suse.com/1176756"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-15674"
    },
    {
      "cve": "CVE-2020-15675",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-15675"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When processing surfaces, the lifetime may outlive a persistent buffer leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox \u003c 81.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-15675",
          "url": "https://www.suse.com/security/cve/CVE-2020-15675"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1176756 for CVE-2020-15675",
          "url": "https://bugzilla.suse.com/1176756"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-15675"
    },
    {
      "cve": "CVE-2020-15676",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-15676"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Firefox sometimes ran the onload handler for SVG elements that the DOM sanitizer decided to remove, resulting in JavaScript being executed after pasting attacker-controlled data into a contenteditable element. This vulnerability affects Firefox \u003c 81, Thunderbird \u003c 78.3, and Firefox ESR \u003c 78.3.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-15676",
          "url": "https://www.suse.com/security/cve/CVE-2020-15676"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1176756 for CVE-2020-15676",
          "url": "https://bugzilla.suse.com/1176756"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1176899 for CVE-2020-15676",
          "url": "https://bugzilla.suse.com/1176899"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-15676"
    },
    {
      "cve": "CVE-2020-15677",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-15677"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "By exploiting an Open Redirect vulnerability on a website, an attacker could have spoofed the site displayed in the download file dialog to show the original site (the one suffering from the open redirect) rather than the site the file was actually downloaded from. This vulnerability affects Firefox \u003c 81, Thunderbird \u003c 78.3, and Firefox ESR \u003c 78.3.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-15677",
          "url": "https://www.suse.com/security/cve/CVE-2020-15677"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1176756 for CVE-2020-15677",
          "url": "https://bugzilla.suse.com/1176756"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1176899 for CVE-2020-15677",
          "url": "https://bugzilla.suse.com/1176899"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-15677"
    },
    {
      "cve": "CVE-2020-15678",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-15678"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When recursing through graphical layers while scrolling, an iterator may have become invalid, resulting in a potential use-after-free. This occurs because the function APZCTreeManager::ComputeClippedCompositionBounds did not follow iterator invalidation rules. This vulnerability affects Firefox \u003c 81, Thunderbird \u003c 78.3, and Firefox ESR \u003c 78.3.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-15678",
          "url": "https://www.suse.com/security/cve/CVE-2020-15678"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1176756 for CVE-2020-15678",
          "url": "https://bugzilla.suse.com/1176756"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1176899 for CVE-2020-15678",
          "url": "https://bugzilla.suse.com/1176899"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-15678"
    },
    {
      "cve": "CVE-2020-15680",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-15680"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If a valid external protocol handler was referenced in an image tag, the resulting broken image size could be distinguished from a broken image size of a non-existent protocol handler. This allowed an attacker to successfully probe whether an external protocol handler was registered. This vulnerability affects Firefox \u003c 82.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-15680",
          "url": "https://www.suse.com/security/cve/CVE-2020-15680"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1177872 for CVE-2020-15680",
          "url": "https://bugzilla.suse.com/1177872"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-15680"
    },
    {
      "cve": "CVE-2020-15681",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-15681"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When multiple WASM threads had a reference to a module, and were looking up exported functions, one WASM thread could have overwritten another\u0027s entry in a shared stub table, resulting in a potentially exploitable crash. This vulnerability affects Firefox \u003c 82.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-15681",
          "url": "https://www.suse.com/security/cve/CVE-2020-15681"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1177872 for CVE-2020-15681",
          "url": "https://bugzilla.suse.com/1177872"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-15681"
    },
    {
      "cve": "CVE-2020-15682",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-15682"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When a link to an external protocol was clicked, a prompt was presented that allowed the user to choose what application to open it in. An attacker could induce that prompt to be associated with an origin they didn\u0027t control, resulting in a spoofing attack. This was fixed by changing external protocol prompts to be tab-modal while also ensuring they could not be incorrectly associated with a different origin. This vulnerability affects Firefox \u003c 82.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-15682",
          "url": "https://www.suse.com/security/cve/CVE-2020-15682"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1177872 for CVE-2020-15682",
          "url": "https://bugzilla.suse.com/1177872"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-15682"
    },
    {
      "cve": "CVE-2020-15683",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-15683"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers and community members reported memory safety bugs present in Firefox 81 and Firefox ESR 78.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR \u003c 78.4, Firefox \u003c 82, and Thunderbird \u003c 78.4.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-15683",
          "url": "https://www.suse.com/security/cve/CVE-2020-15683"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1177872 for CVE-2020-15683",
          "url": "https://bugzilla.suse.com/1177872"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1177977 for CVE-2020-15683",
          "url": "https://bugzilla.suse.com/1177977"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-15683"
    },
    {
      "cve": "CVE-2020-15684",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-15684"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers reported memory safety bugs present in Firefox 81. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 82.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-15684",
          "url": "https://www.suse.com/security/cve/CVE-2020-15684"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-15684"
    },
    {
      "cve": "CVE-2020-15969",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-15969"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-15969",
          "url": "https://www.suse.com/security/cve/CVE-2020-15969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1177408 for CVE-2020-15969",
          "url": "https://bugzilla.suse.com/1177408"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1177872 for CVE-2020-15969",
          "url": "https://bugzilla.suse.com/1177872"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1177977 for CVE-2020-15969",
          "url": "https://bugzilla.suse.com/1177977"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-15969"
    },
    {
      "cve": "CVE-2020-15999",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-15999"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-15999",
          "url": "https://www.suse.com/security/cve/CVE-2020-15999"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1177914 for CVE-2020-15999",
          "url": "https://bugzilla.suse.com/1177914"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1177936 for CVE-2020-15999",
          "url": "https://bugzilla.suse.com/1177936"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178824 for CVE-2020-15999",
          "url": "https://bugzilla.suse.com/1178824"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178894 for CVE-2020-15999",
          "url": "https://bugzilla.suse.com/1178894"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-15999"
    },
    {
      "cve": "CVE-2020-16012",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-16012"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Side-channel information leakage in graphics in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to leak cross-origin data via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-16012",
          "url": "https://www.suse.com/security/cve/CVE-2020-16012"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178824 for CVE-2020-16012",
          "url": "https://bugzilla.suse.com/1178824"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178894 for CVE-2020-16012",
          "url": "https://bugzilla.suse.com/1178894"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178923 for CVE-2020-16012",
          "url": "https://bugzilla.suse.com/1178923"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-16012"
    },
    {
      "cve": "CVE-2020-16042",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-16042"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Uninitialized Use in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-16042",
          "url": "https://www.suse.com/security/cve/CVE-2020-16042"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1179576 for CVE-2020-16042",
          "url": "https://bugzilla.suse.com/1179576"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1180039 for CVE-2020-16042",
          "url": "https://bugzilla.suse.com/1180039"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-16042"
    },
    {
      "cve": "CVE-2020-16044",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-16044"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use after free in WebRTC in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted SCTP packet.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-16044",
          "url": "https://www.suse.com/security/cve/CVE-2020-16044"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1180623 for CVE-2020-16044",
          "url": "https://bugzilla.suse.com/1180623"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1181137 for CVE-2020-16044",
          "url": "https://bugzilla.suse.com/1181137"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-16044"
    },
    {
      "cve": "CVE-2020-26950",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-26950"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition. This vulnerability affects Firefox \u003c 82.0.3, Firefox ESR \u003c 78.4.1, and Thunderbird \u003c 78.4.2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-26950",
          "url": "https://www.suse.com/security/cve/CVE-2020-26950"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1177872 for CVE-2020-26950",
          "url": "https://bugzilla.suse.com/1177872"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178588 for CVE-2020-26950",
          "url": "https://bugzilla.suse.com/1178588"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178611 for CVE-2020-26950",
          "url": "https://bugzilla.suse.com/1178611"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-26950"
    },
    {
      "cve": "CVE-2020-26951",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-26951"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A parsing and event loading mismatch in Firefox\u0027s SVG code could have allowed load events to fire, even after sanitization. An attacker already capable of exploiting an XSS vulnerability in privileged internal pages could have used this attack to bypass our built-in sanitizer. This vulnerability affects Firefox \u003c 83, Firefox ESR \u003c 78.5, and Thunderbird \u003c 78.5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-26951",
          "url": "https://www.suse.com/security/cve/CVE-2020-26951"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178824 for CVE-2020-26951",
          "url": "https://bugzilla.suse.com/1178824"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178894 for CVE-2020-26951",
          "url": "https://bugzilla.suse.com/1178894"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-26951"
    },
    {
      "cve": "CVE-2020-26952",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-26952"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Incorrect bookkeeping of functions inlined during JIT compilation could have led to memory corruption and a potentially exploitable crash when handling out-of-memory errors. This vulnerability affects Firefox \u003c 83.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-26952",
          "url": "https://www.suse.com/security/cve/CVE-2020-26952"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178824 for CVE-2020-26952",
          "url": "https://bugzilla.suse.com/1178824"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-26952"
    },
    {
      "cve": "CVE-2020-26953",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-26953"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "It was possible to cause the browser to enter fullscreen mode without displaying the security UI; thus making it possible to attempt a phishing attack or otherwise confuse the user. This vulnerability affects Firefox \u003c 83, Firefox ESR \u003c 78.5, and Thunderbird \u003c 78.5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-26953",
          "url": "https://www.suse.com/security/cve/CVE-2020-26953"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178824 for CVE-2020-26953",
          "url": "https://bugzilla.suse.com/1178824"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178894 for CVE-2020-26953",
          "url": "https://bugzilla.suse.com/1178894"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-26953"
    },
    {
      "cve": "CVE-2020-26954",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-26954"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When accepting a malicious intent from other installed apps, Firefox for Android accepted manifests from arbitrary file paths and allowed declaring webapp manifests for other origins. This could be used to gain fullscreen access for UI spoofing and could also lead to cross-origin attacks on targeted websites. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 83.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-26954",
          "url": "https://www.suse.com/security/cve/CVE-2020-26954"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178824 for CVE-2020-26954",
          "url": "https://bugzilla.suse.com/1178824"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2020-26954"
    },
    {
      "cve": "CVE-2020-26955",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-26955"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When a user downloaded a file in Firefox for Android, if a cookie is set, it would have been re-sent during a subsequent file download operation on the same domain, regardless of whether the original and subsequent request were in private and non-private browsing modes. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 83.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-26955",
          "url": "https://www.suse.com/security/cve/CVE-2020-26955"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178824 for CVE-2020-26955",
          "url": "https://bugzilla.suse.com/1178824"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2020-26955"
    },
    {
      "cve": "CVE-2020-26956",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-26956"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In some cases, removing HTML elements during sanitization would keep existing SVG event handlers and therefore lead to XSS. This vulnerability affects Firefox \u003c 83, Firefox ESR \u003c 78.5, and Thunderbird \u003c 78.5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-26956",
          "url": "https://www.suse.com/security/cve/CVE-2020-26956"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178824 for CVE-2020-26956",
          "url": "https://bugzilla.suse.com/1178824"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178894 for CVE-2020-26956",
          "url": "https://bugzilla.suse.com/1178894"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-26956"
    },
    {
      "cve": "CVE-2020-26957",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-26957"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "OneCRL was non-functional in the new Firefox for Android due to a missing service initialization. This could result in a failure to enforce some certificate revocations. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 83.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-26957",
          "url": "https://www.suse.com/security/cve/CVE-2020-26957"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178824 for CVE-2020-26957",
          "url": "https://bugzilla.suse.com/1178824"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2020-26957"
    },
    {
      "cve": "CVE-2020-26958",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-26958"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Firefox did not block execution of scripts with incorrect MIME types when the response was intercepted and cached through a ServiceWorker. This could lead to a cross-site script inclusion vulnerability, or a Content Security Policy bypass. This vulnerability affects Firefox \u003c 83, Firefox ESR \u003c 78.5, and Thunderbird \u003c 78.5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-26958",
          "url": "https://www.suse.com/security/cve/CVE-2020-26958"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178824 for CVE-2020-26958",
          "url": "https://bugzilla.suse.com/1178824"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178894 for CVE-2020-26958",
          "url": "https://bugzilla.suse.com/1178894"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-26958"
    },
    {
      "cve": "CVE-2020-26959",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-26959"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "During browser shutdown, reference decrementing could have occured on a previously freed object, resulting in a use-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox \u003c 83, Firefox ESR \u003c 78.5, and Thunderbird \u003c 78.5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-26959",
          "url": "https://www.suse.com/security/cve/CVE-2020-26959"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178824 for CVE-2020-26959",
          "url": "https://bugzilla.suse.com/1178824"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178894 for CVE-2020-26959",
          "url": "https://bugzilla.suse.com/1178894"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-26959"
    },
    {
      "cve": "CVE-2020-26960",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-26960"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If the Compact() method was called on an nsTArray, the array could have been reallocated without updating other pointers, leading to a potential use-after-free and exploitable crash. This vulnerability affects Firefox \u003c 83, Firefox ESR \u003c 78.5, and Thunderbird \u003c 78.5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-26960",
          "url": "https://www.suse.com/security/cve/CVE-2020-26960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178824 for CVE-2020-26960",
          "url": "https://bugzilla.suse.com/1178824"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178894 for CVE-2020-26960",
          "url": "https://bugzilla.suse.com/1178894"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-26960"
    },
    {
      "cve": "CVE-2020-26961",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-26961"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When DNS over HTTPS is in use, it intentionally filters RFC1918 and related IP ranges from the responses as these do not make sense coming from a DoH resolver. However when an IPv4 address was mapped through IPv6, these addresses were erroneously let through, leading to a potential DNS Rebinding attack. This vulnerability affects Firefox \u003c 83, Firefox ESR \u003c 78.5, and Thunderbird \u003c 78.5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-26961",
          "url": "https://www.suse.com/security/cve/CVE-2020-26961"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178824 for CVE-2020-26961",
          "url": "https://bugzilla.suse.com/1178824"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178894 for CVE-2020-26961",
          "url": "https://bugzilla.suse.com/1178894"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-26961"
    },
    {
      "cve": "CVE-2020-26962",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-26962"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Cross-origin iframes that contained a login form could have been recognized by the login autofill service, and populated. This could have been used in clickjacking attacks, as well as be read across partitions in dynamic first party isolation. This vulnerability affects Firefox \u003c 83.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-26962",
          "url": "https://www.suse.com/security/cve/CVE-2020-26962"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178824 for CVE-2020-26962",
          "url": "https://bugzilla.suse.com/1178824"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-26962"
    },
    {
      "cve": "CVE-2020-26963",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-26963"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Repeated calls to the history and location interfaces could have been used to hang the browser. This was addressed by introducing rate-limiting to these API calls. This vulnerability affects Firefox \u003c 83.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-26963",
          "url": "https://www.suse.com/security/cve/CVE-2020-26963"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178824 for CVE-2020-26963",
          "url": "https://bugzilla.suse.com/1178824"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-26963"
    },
    {
      "cve": "CVE-2020-26964",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-26964"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If the Remote Debugging via USB feature was enabled in Firefox for Android on an Android version prior to Android 6.0, untrusted apps could have connected to the feature and operated with the privileges of the browser to read and interact with web content. The feature was implemented as a unix domain socket, protected by the Android SELinux policy; however, SELinux was not enforced for versions prior to 6.0. This was fixed by removing the Remote Debugging via USB feature from affected devices. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 83.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-26964",
          "url": "https://www.suse.com/security/cve/CVE-2020-26964"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178824 for CVE-2020-26964",
          "url": "https://bugzilla.suse.com/1178824"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2020-26964"
    },
    {
      "cve": "CVE-2020-26965",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-26965"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Some websites have a feature \"Show Password\" where clicking a button will change a password field into a textbook field, revealing the typed password. If, when using a software keyboard that remembers user input, a user typed their password and used that feature, the type of the password field was changed, resulting in a keyboard layout change and the possibility for the software keyboard to remember the typed password. This vulnerability affects Firefox \u003c 83, Firefox ESR \u003c 78.5, and Thunderbird \u003c 78.5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-26965",
          "url": "https://www.suse.com/security/cve/CVE-2020-26965"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178824 for CVE-2020-26965",
          "url": "https://bugzilla.suse.com/1178824"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178894 for CVE-2020-26965",
          "url": "https://bugzilla.suse.com/1178894"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-26965"
    },
    {
      "cve": "CVE-2020-26966",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-26966"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Searching for a single word from the address bar caused an mDNS request to be sent on the local network searching for a hostname consisting of that string; resulting in an information leak. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 83, Firefox ESR \u003c 78.5, and Thunderbird \u003c 78.5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-26966",
          "url": "https://www.suse.com/security/cve/CVE-2020-26966"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178824 for CVE-2020-26966",
          "url": "https://bugzilla.suse.com/1178824"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178894 for CVE-2020-26966",
          "url": "https://bugzilla.suse.com/1178894"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-26966"
    },
    {
      "cve": "CVE-2020-26967",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-26967"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When listening for page changes with a Mutation Observer, a malicious web page could confuse Firefox Screenshots into interacting with elements other than those that it injected into the page. This would lead to internal errors and unexpected behavior in the Screenshots code. This vulnerability affects Firefox \u003c 83.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-26967",
          "url": "https://www.suse.com/security/cve/CVE-2020-26967"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178824 for CVE-2020-26967",
          "url": "https://bugzilla.suse.com/1178824"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-26967"
    },
    {
      "cve": "CVE-2020-26968",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-26968"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers reported memory safety bugs present in Firefox 82 and Firefox ESR 78.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 83, Firefox ESR \u003c 78.5, and Thunderbird \u003c 78.5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-26968",
          "url": "https://www.suse.com/security/cve/CVE-2020-26968"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178824 for CVE-2020-26968",
          "url": "https://bugzilla.suse.com/1178824"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178894 for CVE-2020-26968",
          "url": "https://bugzilla.suse.com/1178894"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-26968"
    },
    {
      "cve": "CVE-2020-26969",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-26969"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers reported memory safety bugs present in Firefox 82. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 83.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-26969",
          "url": "https://www.suse.com/security/cve/CVE-2020-26969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178824 for CVE-2020-26969",
          "url": "https://bugzilla.suse.com/1178824"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-26969"
    },
    {
      "cve": "CVE-2020-26971",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-26971"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Certain blit values provided by the user were not properly constrained leading to a heap buffer overflow on some video drivers. This vulnerability affects Firefox \u003c 84, Thunderbird \u003c 78.6, and Firefox ESR \u003c 78.6.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-26971",
          "url": "https://www.suse.com/security/cve/CVE-2020-26971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1180039 for CVE-2020-26971",
          "url": "https://bugzilla.suse.com/1180039"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-26971"
    },
    {
      "cve": "CVE-2020-26972",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-26972"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The lifecycle of IPC Actors allows managed actors to outlive their manager actors; and the former must ensure that they are not attempting to use a dead actor they have a reference to. Such a check was omitted in WebGL, resulting in a use-after-free and a potentially exploitable crash. This vulnerability affects Firefox \u003c 84.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-26972",
          "url": "https://www.suse.com/security/cve/CVE-2020-26972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1180039 for CVE-2020-26972",
          "url": "https://bugzilla.suse.com/1180039"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-26972"
    },
    {
      "cve": "CVE-2020-26973",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-26973"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Certain input to the CSS Sanitizer confused it, resulting in incorrect components being removed. This could have been used as a sanitizer bypass. This vulnerability affects Firefox \u003c 84, Thunderbird \u003c 78.6, and Firefox ESR \u003c 78.6.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-26973",
          "url": "https://www.suse.com/security/cve/CVE-2020-26973"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1180039 for CVE-2020-26973",
          "url": "https://bugzilla.suse.com/1180039"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-26973"
    },
    {
      "cve": "CVE-2020-26974",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-26974"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When flex-basis was used on a table wrapper, a StyleGenericFlexBasis object could have been incorrectly cast to the wrong type. This resulted in a heap user-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox \u003c 84, Thunderbird \u003c 78.6, and Firefox ESR \u003c 78.6.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-26974",
          "url": "https://www.suse.com/security/cve/CVE-2020-26974"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1180039 for CVE-2020-26974",
          "url": "https://bugzilla.suse.com/1180039"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-26974"
    },
    {
      "cve": "CVE-2020-26975",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-26975"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When a malicious application installed on the user\u0027s device broadcast an Intent to Firefox for Android, arbitrary headers could have been specified, leading to attacks such as abusing ambient authority or session fixation. This was resolved by only allowing certain safe-listed headers. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 84.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-26975",
          "url": "https://www.suse.com/security/cve/CVE-2020-26975"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1180039 for CVE-2020-26975",
          "url": "https://bugzilla.suse.com/1180039"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-26975"
    },
    {
      "cve": "CVE-2020-26976",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-26976"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When a HTTPS pages was embedded in a HTTP page, and there was a service worker registered for the former, the service worker could have intercepted the request for the secure page despite the iframe not being a secure context due to the (insecure) framing. This vulnerability affects Firefox \u003c 84.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-26976",
          "url": "https://www.suse.com/security/cve/CVE-2020-26976"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1180039 for CVE-2020-26976",
          "url": "https://bugzilla.suse.com/1180039"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1181414 for CVE-2020-26976",
          "url": "https://bugzilla.suse.com/1181414"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-26976"
    },
    {
      "cve": "CVE-2020-26977",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-26977"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "By attempting to connect a website using an unresponsive port, an attacker could have controlled the content of a tab while the URL bar displayed the original domain. *Note: This issue only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 84.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-26977",
          "url": "https://www.suse.com/security/cve/CVE-2020-26977"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1180039 for CVE-2020-26977",
          "url": "https://bugzilla.suse.com/1180039"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-26977"
    },
    {
      "cve": "CVE-2020-26978",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-26978"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Using techniques that built on the slipstream research, a malicious webpage could have exposed both an internal network\u0027s hosts as well as services running on the user\u0027s local machine. This vulnerability affects Firefox \u003c 84, Thunderbird \u003c 78.6, and Firefox ESR \u003c 78.6.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-26978",
          "url": "https://www.suse.com/security/cve/CVE-2020-26978"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1180039 for CVE-2020-26978",
          "url": "https://bugzilla.suse.com/1180039"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-26978"
    },
    {
      "cve": "CVE-2020-26979",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-26979"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When a user typed a URL in the address bar or the search bar and quickly hit the enter key, a website could sometimes capture that event and then redirect the user before navigation occurred to the desired, entered address. To construct a convincing spoof the attacker would have had to guess what the user was typing, perhaps by suggesting it. This vulnerability affects Firefox \u003c 84.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-26979",
          "url": "https://www.suse.com/security/cve/CVE-2020-26979"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1180039 for CVE-2020-26979",
          "url": "https://bugzilla.suse.com/1180039"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-26979"
    },
    {
      "cve": "CVE-2020-35111",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-35111"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When an extension with the proxy permission registered to receive \u003call_urls\u003e, the proxy.onRequest callback was not triggered for view-source URLs. While web content cannot navigate to such URLs, a user opening View Source could have inadvertently leaked their IP address. This vulnerability affects Firefox \u003c 84, Thunderbird \u003c 78.6, and Firefox ESR \u003c 78.6.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-35111",
          "url": "https://www.suse.com/security/cve/CVE-2020-35111"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1180039 for CVE-2020-35111",
          "url": "https://bugzilla.suse.com/1180039"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-35111"
    },
    {
      "cve": "CVE-2020-35112",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-35112"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If a user downloaded a file lacking an extension on Windows, and then \"Open\"-ed it from the downloads panel, if there was an executable file in the downloads directory with the same name but with an executable extension (such as .bat or .exe) that executable would have been launched instead. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 84, Thunderbird \u003c 78.6, and Firefox ESR \u003c 78.6.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-35112",
          "url": "https://www.suse.com/security/cve/CVE-2020-35112"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1180039 for CVE-2020-35112",
          "url": "https://bugzilla.suse.com/1180039"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-35112"
    },
    {
      "cve": "CVE-2020-35113",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-35113"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers reported memory safety bugs present in Firefox 83 and Firefox ESR 78.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 84, Thunderbird \u003c 78.6, and Firefox ESR \u003c 78.6.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-35113",
          "url": "https://www.suse.com/security/cve/CVE-2020-35113"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1180039 for CVE-2020-35113",
          "url": "https://bugzilla.suse.com/1180039"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-35113"
    },
    {
      "cve": "CVE-2020-35114",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-35114"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers reported memory safety bugs present in Firefox 83. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 84.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-35114",
          "url": "https://www.suse.com/security/cve/CVE-2020-35114"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1180039 for CVE-2020-35114",
          "url": "https://bugzilla.suse.com/1180039"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-35114"
    },
    {
      "cve": "CVE-2020-6463",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-6463"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-6463",
          "url": "https://www.suse.com/security/cve/CVE-2020-6463"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1171975 for CVE-2020-6463",
          "url": "https://bugzilla.suse.com/1171975"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1174538 for CVE-2020-6463",
          "url": "https://bugzilla.suse.com/1174538"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2020-6463"
    },
    {
      "cve": "CVE-2020-6514",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-6514"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-6514",
          "url": "https://www.suse.com/security/cve/CVE-2020-6514"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1174189 for CVE-2020-6514",
          "url": "https://bugzilla.suse.com/1174189"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1174538 for CVE-2020-6514",
          "url": "https://bugzilla.suse.com/1174538"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-6514"
    },
    {
      "cve": "CVE-2020-6796",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-6796"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A content process could have modified shared memory relating to crash reporting information, crash itself, and cause an out-of-bound write. This could have caused memory corruption and a potentially exploitable crash. This vulnerability affects Firefox \u003c 73 and Firefox \u003c ESR68.5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-6796",
          "url": "https://www.suse.com/security/cve/CVE-2020-6796"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1163368 for CVE-2020-6796",
          "url": "https://bugzilla.suse.com/1163368"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-6796"
    },
    {
      "cve": "CVE-2020-6797",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-6797"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "By downloading a file with the .fileloc extension, a semi-privileged extension could launch an arbitrary application on the user\u0027s computer. The attacker is restricted as they are unable to download non-quarantined files or supply command line arguments to the application, limiting the impact. Note: this issue only occurs on Mac OSX. Other operating systems are unaffected. This vulnerability affects Thunderbird \u003c 68.5, Firefox \u003c 73, and Firefox \u003c ESR68.5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-6797",
          "url": "https://www.suse.com/security/cve/CVE-2020-6797"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1163368 for CVE-2020-6797",
          "url": "https://bugzilla.suse.com/1163368"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-6797"
    },
    {
      "cve": "CVE-2020-6798",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-6798"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If a template tag was used in a select tag, the parser could be confused and allow JavaScript parsing and execution when it should not be allowed. A site that relied on the browser behaving correctly could suffer a cross-site scripting vulnerability as a result. In general, this flaw cannot be exploited through email in the Thunderbird product because scripting is disabled when reading mail, but is potentially a risk in browser or browser-like contexts. This vulnerability affects Thunderbird \u003c 68.5, Firefox \u003c 73, and Firefox \u003c ESR68.5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-6798",
          "url": "https://www.suse.com/security/cve/CVE-2020-6798"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1163368 for CVE-2020-6798",
          "url": "https://bugzilla.suse.com/1163368"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-6798"
    },
    {
      "cve": "CVE-2020-6799",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-6799"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Command line arguments could have been injected during Firefox invocation as a shell handler for certain unsupported file types. This required Firefox to be configured as the default handler for a given file type and for a file downloaded to be opened in a third party application that insufficiently sanitized URL data. In that situation, clicking a link in the third party application could have been used to retrieve and execute files whose location was supplied through command line arguments. Note: This issue only affects Windows operating systems and when Firefox is configured as the default handler for non-default filetypes. Other operating systems are unaffected. This vulnerability affects Firefox \u003c 73 and Firefox \u003c ESR68.5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-6799",
          "url": "https://www.suse.com/security/cve/CVE-2020-6799"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1163368 for CVE-2020-6799",
          "url": "https://bugzilla.suse.com/1163368"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-6799"
    },
    {
      "cve": "CVE-2020-6800",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-6800"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers and community members reported memory safety bugs present in Firefox 72 and Firefox ESR 68.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. In general, these flaws cannot be exploited through email in the Thunderbird product because scripting is disabled when reading mail, but are potentially risks in browser or browser-like contexts. This vulnerability affects Thunderbird \u003c 68.5, Firefox \u003c 73, and Firefox \u003c ESR68.5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-6800",
          "url": "https://www.suse.com/security/cve/CVE-2020-6800"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1163368 for CVE-2020-6800",
          "url": "https://bugzilla.suse.com/1163368"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-6800"
    },
    {
      "cve": "CVE-2020-6801",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-6801"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers reported memory safety bugs present in Firefox 72. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 73.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-6801",
          "url": "https://www.suse.com/security/cve/CVE-2020-6801"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1163368 for CVE-2020-6801",
          "url": "https://bugzilla.suse.com/1163368"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-6801"
    },
    {
      "cve": "CVE-2020-6805",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-6805"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When removing data about an origin whose tab was recently closed, a use-after-free could occur in the Quota manager, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 68.6, Firefox \u003c 74, Firefox \u003c ESR68.6, and Firefox ESR \u003c 68.6.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-6805",
          "url": "https://www.suse.com/security/cve/CVE-2020-6805"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1166238 for CVE-2020-6805",
          "url": "https://bugzilla.suse.com/1166238"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-6805"
    },
    {
      "cve": "CVE-2020-6806",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-6806"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "By carefully crafting promise resolutions, it was possible to cause an out-of-bounds read off the end of an array resized during script execution. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 68.6, Firefox \u003c 74, Firefox \u003c ESR68.6, and Firefox ESR \u003c 68.6.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-6806",
          "url": "https://www.suse.com/security/cve/CVE-2020-6806"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1166238 for CVE-2020-6806",
          "url": "https://bugzilla.suse.com/1166238"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-6806"
    },
    {
      "cve": "CVE-2020-6807",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-6807"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When a device was changed while a stream was about to be destroyed, the \u003ccode\u003estream-reinit\u003c/code\u003e task may have been executed after the stream was destroyed, causing a use-after-free and a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 68.6, Firefox \u003c 74, Firefox \u003c ESR68.6, and Firefox ESR \u003c 68.6.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-6807",
          "url": "https://www.suse.com/security/cve/CVE-2020-6807"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1166238 for CVE-2020-6807",
          "url": "https://bugzilla.suse.com/1166238"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-6807"
    },
    {
      "cve": "CVE-2020-6808",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-6808"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When a JavaScript URL (javascript:) is evaluated and the result is a string, this string is parsed to create an HTML document, which is then presented. Previously, this document\u0027s URL (as reported by the document.location property, for example) was the originating javascript: URL which could lead to spoofing attacks; it is now correctly the URL of the originating document. This vulnerability affects Firefox \u003c 74.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-6808",
          "url": "https://www.suse.com/security/cve/CVE-2020-6808"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1166238 for CVE-2020-6808",
          "url": "https://bugzilla.suse.com/1166238"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-6808"
    },
    {
      "cve": "CVE-2020-6809",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-6809"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When a Web Extension had the all-urls permission and made a fetch request with a mode set to \u0027same-origin\u0027, it was possible for the Web Extension to read local files. This vulnerability affects Firefox \u003c 74.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-6809",
          "url": "https://www.suse.com/security/cve/CVE-2020-6809"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1166238 for CVE-2020-6809",
          "url": "https://bugzilla.suse.com/1166238"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-6809"
    },
    {
      "cve": "CVE-2020-6810",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-6810"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "After a website had entered fullscreen mode, it could have used a previously opened popup to obscure the notification that indicates the browser is in fullscreen mode. Combined with spoofing the browser chrome, this could have led to confusing the user about the current origin of the page and credential theft or other attacks. This vulnerability affects Firefox \u003c 74.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-6810",
          "url": "https://www.suse.com/security/cve/CVE-2020-6810"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1166238 for CVE-2020-6810",
          "url": "https://bugzilla.suse.com/1166238"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-6810"
    },
    {
      "cve": "CVE-2020-6811",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-6811"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The \u0027Copy as cURL\u0027 feature of Devtools\u0027 network tab did not properly escape the HTTP method of a request, which can be controlled by the website. If a user used the \u0027Copy as Curl\u0027 feature and pasted the command into a terminal, it could have resulted in command injection and arbitrary command execution. This vulnerability affects Thunderbird \u003c 68.6, Firefox \u003c 74, Firefox \u003c ESR68.6, and Firefox ESR \u003c 68.6.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-6811",
          "url": "https://www.suse.com/security/cve/CVE-2020-6811"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1166238 for CVE-2020-6811",
          "url": "https://bugzilla.suse.com/1166238"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-6811"
    },
    {
      "cve": "CVE-2020-6812",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-6812"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The first time AirPods are connected to an iPhone, they become named after the user\u0027s name by default (e.g. Jane Doe\u0027s AirPods.) Websites with camera or microphone permission are able to enumerate device names, disclosing the user\u0027s name. To resolve this issue, Firefox added a special case that renames devices containing the substring \u0027AirPods\u0027 to simply \u0027AirPods\u0027. This vulnerability affects Thunderbird \u003c 68.6, Firefox \u003c 74, Firefox \u003c ESR68.6, and Firefox ESR \u003c 68.6.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-6812",
          "url": "https://www.suse.com/security/cve/CVE-2020-6812"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1166238 for CVE-2020-6812",
          "url": "https://bugzilla.suse.com/1166238"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-6812"
    },
    {
      "cve": "CVE-2020-6813",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-6813"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When protecting CSS blocks with the nonce feature of Content Security Policy, the @import statement in the CSS block could allow an attacker to inject arbitrary styles, bypassing the intent of the Content Security Policy. This vulnerability affects Firefox \u003c 74.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-6813",
          "url": "https://www.suse.com/security/cve/CVE-2020-6813"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1166238 for CVE-2020-6813",
          "url": "https://bugzilla.suse.com/1166238"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-6813"
    },
    {
      "cve": "CVE-2020-6814",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-6814"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers reported memory safety bugs present in Firefox and Thunderbird 68.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 68.6, Firefox \u003c 74, Firefox \u003c ESR68.6, and Firefox ESR \u003c 68.6.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-6814",
          "url": "https://www.suse.com/security/cve/CVE-2020-6814"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1166238 for CVE-2020-6814",
          "url": "https://bugzilla.suse.com/1166238"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-6814"
    },
    {
      "cve": "CVE-2020-6815",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-6815"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers reported memory safety and script safety bugs present in Firefox 73. Some of these bugs showed evidence of memory corruption or escalation of privilege and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 74.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-6815",
          "url": "https://www.suse.com/security/cve/CVE-2020-6815"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1166238 for CVE-2020-6815",
          "url": "https://bugzilla.suse.com/1166238"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-6815"
    },
    {
      "cve": "CVE-2020-6819",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-6819"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Under certain conditions, when running the nsDocShell destructor, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Thunderbird \u003c 68.7.0, Firefox \u003c 74.0.1, and Firefox ESR \u003c 68.6.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-6819",
          "url": "https://www.suse.com/security/cve/CVE-2020-6819"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1168630 for CVE-2020-6819",
          "url": "https://bugzilla.suse.com/1168630"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1168874 for CVE-2020-6819",
          "url": "https://bugzilla.suse.com/1168874"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-6819"
    },
    {
      "cve": "CVE-2020-6820",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-6820"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Under certain conditions, when handling a ReadableStream, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Thunderbird \u003c 68.7.0, Firefox \u003c 74.0.1, and Firefox ESR \u003c 68.6.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-6820",
          "url": "https://www.suse.com/security/cve/CVE-2020-6820"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1168630 for CVE-2020-6820",
          "url": "https://bugzilla.suse.com/1168630"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1168874 for CVE-2020-6820",
          "url": "https://bugzilla.suse.com/1168874"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-6820"
    },
    {
      "cve": "CVE-2020-6821",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-6821"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When reading from areas partially or fully outside the source resource with WebGL\u0027s \u003ccode\u003ecopyTexSubImage\u003c/code\u003e method, the specification requires the returned values be zero. Previously, this memory was uninitialized, leading to potentially sensitive data disclosure. This vulnerability affects Thunderbird \u003c 68.7.0, Firefox ESR \u003c 68.7, and Firefox \u003c 75.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-6821",
          "url": "https://www.suse.com/security/cve/CVE-2020-6821"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1168630 for CVE-2020-6821",
          "url": "https://bugzilla.suse.com/1168630"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1168874 for CVE-2020-6821",
          "url": "https://bugzilla.suse.com/1168874"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-6821"
    },
    {
      "cve": "CVE-2020-6822",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-6822"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "On 32-bit builds, an out of bounds write could have occurred when processing an image larger than 4 GB in \u003ccode\u003eGMPDecodeData\u003c/code\u003e. It is possible that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 68.7.0, Firefox ESR \u003c 68.7, and Firefox \u003c 75.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-6822",
          "url": "https://www.suse.com/security/cve/CVE-2020-6822"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1168630 for CVE-2020-6822",
          "url": "https://bugzilla.suse.com/1168630"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1168874 for CVE-2020-6822",
          "url": "https://bugzilla.suse.com/1168874"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-6822"
    },
    {
      "cve": "CVE-2020-6823",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-6823"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A malicious extension could have called \u003ccode\u003ebrowser.identity.launchWebAuthFlow\u003c/code\u003e, controlling the redirect_uri, and through the Promise returned, obtain the Auth code and gain access to the user\u0027s account at the service provider. This vulnerability affects Firefox \u003c 75.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-6823",
          "url": "https://www.suse.com/security/cve/CVE-2020-6823"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1168874 for CVE-2020-6823",
          "url": "https://bugzilla.suse.com/1168874"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-6823"
    },
    {
      "cve": "CVE-2020-6824",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-6824"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Initially, a user opens a Private Browsing Window and generates a password for a site, then closes the Private Browsing Window but leaves Firefox open. Subsequently, if the user had opened a new Private Browsing Window, revisited the same site, and generated a new password - the generated passwords would have been identical, rather than independent. This vulnerability affects Firefox \u003c 75.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-6824",
          "url": "https://www.suse.com/security/cve/CVE-2020-6824"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1168874 for CVE-2020-6824",
          "url": "https://bugzilla.suse.com/1168874"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 2,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-6824"
    },
    {
      "cve": "CVE-2020-6825",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-6825"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers and community members Tyson Smith and Christian Holler reported memory safety bugs present in Firefox 74 and Firefox ESR 68.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 68.7.0, Firefox ESR \u003c 68.7, and Firefox \u003c 75.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-6825",
          "url": "https://www.suse.com/security/cve/CVE-2020-6825"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1168630 for CVE-2020-6825",
          "url": "https://bugzilla.suse.com/1168630"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1168874 for CVE-2020-6825",
          "url": "https://bugzilla.suse.com/1168874"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-6825"
    },
    {
      "cve": "CVE-2020-6826",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-6826"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers Tyson Smith, Bob Clary, and Alexandru Michis reported memory safety bugs present in Firefox 74. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 75.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-6826",
          "url": "https://www.suse.com/security/cve/CVE-2020-6826"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1168874 for CVE-2020-6826",
          "url": "https://bugzilla.suse.com/1168874"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-6826"
    },
    {
      "cve": "CVE-2020-6829",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-6829"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When performing EC scalar point multiplication, the wNAF point multiplication algorithm was used; which leaked partial information about the nonce used during signature generation. Given an electro-magnetic trace of a few signature generations, the private key could have been computed. This vulnerability affects Firefox \u003c 80 and Firefox for Android \u003c 80.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-6829",
          "url": "https://www.suse.com/security/cve/CVE-2020-6829"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1174763 for CVE-2020-6829",
          "url": "https://bugzilla.suse.com/1174763"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1175686 for CVE-2020-6829",
          "url": "https://bugzilla.suse.com/1175686"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2020-6829"
    },
    {
      "cve": "CVE-2020-6831",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-6831"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR \u003c 68.8, Firefox \u003c 76, and Thunderbird \u003c 68.8.0.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-6831",
          "url": "https://www.suse.com/security/cve/CVE-2020-6831"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1171186 for CVE-2020-6831",
          "url": "https://bugzilla.suse.com/1171186"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1171247 for CVE-2020-6831",
          "url": "https://bugzilla.suse.com/1171247"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-6831"
    },
    {
      "cve": "CVE-2021-23953",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-23953"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If a user clicked into a specifically crafted PDF, the PDF reader could be confused into leaking cross-origin information, when said information is served as chunked data. This vulnerability affects Firefox \u003c 85, Thunderbird \u003c 78.7, and Firefox ESR \u003c 78.7.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-23953",
          "url": "https://www.suse.com/security/cve/CVE-2021-23953"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1181414 for CVE-2021-23953",
          "url": "https://bugzilla.suse.com/1181414"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-23953"
    },
    {
      "cve": "CVE-2021-23954",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-23954"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Using the new logical assignment operators in a JavaScript switch statement could have caused a type confusion, leading to a memory corruption and a potentially exploitable crash. This vulnerability affects Firefox \u003c 85, Thunderbird \u003c 78.7, and Firefox ESR \u003c 78.7.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-23954",
          "url": "https://www.suse.com/security/cve/CVE-2021-23954"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1181414 for CVE-2021-23954",
          "url": "https://bugzilla.suse.com/1181414"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-23954"
    },
    {
      "cve": "CVE-2021-23955",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-23955"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The browser could have been confused into transferring a pointer lock state into another tab, which could have lead to clickjacking attacks. This vulnerability affects Firefox \u003c 85.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-23955",
          "url": "https://www.suse.com/security/cve/CVE-2021-23955"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-23955"
    },
    {
      "cve": "CVE-2021-23956",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-23956"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An ambiguous file picker design could have confused users who intended to select and upload a single file into uploading a whole directory. This was addressed by adding a new prompt. This vulnerability affects Firefox \u003c 85.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-23956",
          "url": "https://www.suse.com/security/cve/CVE-2021-23956"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-23956"
    },
    {
      "cve": "CVE-2021-23957",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-23957"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Navigations through the Android-specific `intent` URL scheme could have been misused to escape iframe sandbox. Note: This issue only affected Firefox for Android. Other operating systems are unaffected. This vulnerability affects Firefox \u003c 85.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-23957",
          "url": "https://www.suse.com/security/cve/CVE-2021-23957"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-23957"
    },
    {
      "cve": "CVE-2021-23958",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-23958"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The browser could have been confused into transferring a screen sharing state into another tab, which would leak unintended information. This vulnerability affects Firefox \u003c 85.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-23958",
          "url": "https://www.suse.com/security/cve/CVE-2021-23958"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-23958"
    },
    {
      "cve": "CVE-2021-23959",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-23959"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An XSS bug in internal error pages could have led to various spoofing attacks, including other error pages and the address bar. Note: This issue only affected Firefox for Android. Other operating systems are unaffected. This vulnerability affects Firefox \u003c 85.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-23959",
          "url": "https://www.suse.com/security/cve/CVE-2021-23959"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-23959"
    },
    {
      "cve": "CVE-2021-23960",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-23960"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Performing garbage collection on re-declared JavaScript variables resulted in a user-after-poison, and a potentially exploitable crash. This vulnerability affects Firefox \u003c 85, Thunderbird \u003c 78.7, and Firefox ESR \u003c 78.7.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-23960",
          "url": "https://www.suse.com/security/cve/CVE-2021-23960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1181414 for CVE-2021-23960",
          "url": "https://bugzilla.suse.com/1181414"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-23960"
    },
    {
      "cve": "CVE-2021-23961",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-23961"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network\u0027s hosts as well as services running on the user\u0027s local machine. This vulnerability affects Firefox \u003c 85.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-23961",
          "url": "https://www.suse.com/security/cve/CVE-2021-23961"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1184960 for CVE-2021-23961",
          "url": "https://bugzilla.suse.com/1184960"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-23961"
    },
    {
      "cve": "CVE-2021-23962",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-23962"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Incorrect use of the \u0027\u003cRowCountChanged\u003e\u0027 method could have led to a user-after-poison and a potentially exploitable crash. This vulnerability affects Firefox \u003c 85.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-23962",
          "url": "https://www.suse.com/security/cve/CVE-2021-23962"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-23962"
    },
    {
      "cve": "CVE-2021-23963",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-23963"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When sharing geolocation during an active WebRTC share, Firefox could have reset the webRTC sharing state in the user interface, leading to loss of control over the currently granted permission. This vulnerability affects Firefox \u003c 85.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-23963",
          "url": "https://www.suse.com/security/cve/CVE-2021-23963"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-23963"
    },
    {
      "cve": "CVE-2021-23964",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-23964"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers reported memory safety bugs present in Firefox 84 and Firefox ESR 78.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 85, Thunderbird \u003c 78.7, and Firefox ESR \u003c 78.7.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-23964",
          "url": "https://www.suse.com/security/cve/CVE-2021-23964"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1181414 for CVE-2021-23964",
          "url": "https://bugzilla.suse.com/1181414"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-23964"
    },
    {
      "cve": "CVE-2021-23965",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-23965"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers reported memory safety bugs present in Firefox 84. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 85.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-23965",
          "url": "https://www.suse.com/security/cve/CVE-2021-23965"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-23965"
    },
    {
      "cve": "CVE-2021-23968",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-23968"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If Content Security Policy blocked frame navigation, the full destination of a redirect served in the frame was reported in the violation report; as opposed to the original frame URI. This could be used to leak sensitive information contained in such URIs. This vulnerability affects Firefox \u003c 86, Thunderbird \u003c 78.8, and Firefox ESR \u003c 78.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-23968",
          "url": "https://www.suse.com/security/cve/CVE-2021-23968"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182614 for CVE-2021-23968",
          "url": "https://bugzilla.suse.com/1182614"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-23968"
    },
    {
      "cve": "CVE-2021-23969",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-23969"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "As specified in the W3C Content Security Policy draft, when creating a violation report, \"User agents need to ensure that the source file is the URL requested by the page, pre-redirects. If that\u0027s not possible, user agents need to strip the URL down to an origin to avoid unintentional leakage.\" Under certain types of redirects, Firefox incorrectly set the source file to be the destination of the redirects. This was fixed to be the redirect destination\u0027s origin. This vulnerability affects Firefox \u003c 86, Thunderbird \u003c 78.8, and Firefox ESR \u003c 78.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-23969",
          "url": "https://www.suse.com/security/cve/CVE-2021-23969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182614 for CVE-2021-23969",
          "url": "https://bugzilla.suse.com/1182614"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-23969"
    },
    {
      "cve": "CVE-2021-23970",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-23970"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Context-specific code was included in a shared jump table; resulting in assertions being triggered in multithreaded wasm code. This vulnerability affects Firefox \u003c 86.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-23970",
          "url": "https://www.suse.com/security/cve/CVE-2021-23970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182614 for CVE-2021-23970",
          "url": "https://bugzilla.suse.com/1182614"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-23970"
    },
    {
      "cve": "CVE-2021-23971",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-23971"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When processing a redirect with a conflicting Referrer-Policy, Firefox would have adopted the redirect\u0027s Referrer-Policy. This would have potentially resulted in more information than intended by the original origin being provided to the destination of the redirect. This vulnerability affects Firefox \u003c 86.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-23971",
          "url": "https://www.suse.com/security/cve/CVE-2021-23971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182614 for CVE-2021-23971",
          "url": "https://bugzilla.suse.com/1182614"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-23971"
    },
    {
      "cve": "CVE-2021-23972",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-23972"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "One phishing tactic on the web is to provide a link with HTTP Auth. For example \u0027https://www.phishingtarget.com@evil.com\u0027. To mitigate this type of attack, Firefox will display a warning dialog; however, this warning dialog would not have been displayed if evil.com used a redirect that was cached by the browser. This vulnerability affects Firefox \u003c 86.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-23972",
          "url": "https://www.suse.com/security/cve/CVE-2021-23972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182614 for CVE-2021-23972",
          "url": "https://bugzilla.suse.com/1182614"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-23972"
    },
    {
      "cve": "CVE-2021-23973",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-23973"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When trying to load a cross-origin resource in an audio/video context a decoding error may have resulted, and the content of that error may have revealed information about the resource. This vulnerability affects Firefox \u003c 86, Thunderbird \u003c 78.8, and Firefox ESR \u003c 78.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-23973",
          "url": "https://www.suse.com/security/cve/CVE-2021-23973"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182614 for CVE-2021-23973",
          "url": "https://bugzilla.suse.com/1182614"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-23973"
    },
    {
      "cve": "CVE-2021-23974",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-23974"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The DOMParser API did not properly process \u0027\u003cnoscript\u003e\u0027 elements for escaping. This could be used as an mXSS vector to bypass an HTML Sanitizer. This vulnerability affects Firefox \u003c 86.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-23974",
          "url": "https://www.suse.com/security/cve/CVE-2021-23974"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182614 for CVE-2021-23974",
          "url": "https://bugzilla.suse.com/1182614"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-23974"
    },
    {
      "cve": "CVE-2021-23975",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-23975"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The developer page about:memory has a Measure function for exploring what object types the browser has allocated and their sizes. When this function was invoked we incorrectly called the sizeof function, instead of using the API method that checks for invalid pointers. This vulnerability affects Firefox \u003c 86.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-23975",
          "url": "https://www.suse.com/security/cve/CVE-2021-23975"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182614 for CVE-2021-23975",
          "url": "https://bugzilla.suse.com/1182614"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-23975"
    },
    {
      "cve": "CVE-2021-23976",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-23976"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When accepting a malicious intent from other installed apps, Firefox for Android accepted manifests from arbitrary file paths and allowed declaring webapp manifests for other origins. This could be used to gain fullscreen access for UI spoofing and could also lead to cross-origin attacks on targeted websites. Note: This issue is a different issue from CVE-2020-26954 and only affected Firefox for Android. Other operating systems are unaffected. This vulnerability affects Firefox \u003c 86.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-23976",
          "url": "https://www.suse.com/security/cve/CVE-2021-23976"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182614 for CVE-2021-23976",
          "url": "https://bugzilla.suse.com/1182614"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-23976"
    },
    {
      "cve": "CVE-2021-23977",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-23977"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Firefox for Android suffered from a time-of-check-time-of-use vulnerability that allowed a malicious application to read sensitive data from application directories. Note: This issue is only affected Firefox for Android. Other operating systems are unaffected. This vulnerability affects Firefox \u003c 86.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-23977",
          "url": "https://www.suse.com/security/cve/CVE-2021-23977"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182614 for CVE-2021-23977",
          "url": "https://bugzilla.suse.com/1182614"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-23977"
    },
    {
      "cve": "CVE-2021-23978",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-23978"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers reported memory safety bugs present in Firefox 85 and Firefox ESR 78.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 86, Thunderbird \u003c 78.8, and Firefox ESR \u003c 78.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-23978",
          "url": "https://www.suse.com/security/cve/CVE-2021-23978"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182614 for CVE-2021-23978",
          "url": "https://bugzilla.suse.com/1182614"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-23978"
    },
    {
      "cve": "CVE-2021-23979",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-23979"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers reported memory safety bugs present in Firefox 85. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 86.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-23979",
          "url": "https://www.suse.com/security/cve/CVE-2021-23979"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182614 for CVE-2021-23979",
          "url": "https://bugzilla.suse.com/1182614"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-23979"
    },
    {
      "cve": "CVE-2021-23981",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-23981"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A texture upload of a Pixel Buffer Object could have confused the WebGL code to skip binding the buffer used to unpack it, resulting in memory corruption and a potentially exploitable information leak or crash. This vulnerability affects Firefox ESR \u003c 78.9, Firefox \u003c 87, and Thunderbird \u003c 78.9.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-23981",
          "url": "https://www.suse.com/security/cve/CVE-2021-23981"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183942 for CVE-2021-23981",
          "url": "https://bugzilla.suse.com/1183942"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-23981"
    },
    {
      "cve": "CVE-2021-23982",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-23982"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Using techniques that built on the slipstream research, a malicious webpage could have scanned both an internal network\u0027s hosts as well as services running on the user\u0027s local machine utilizing WebRTC connections. This vulnerability affects Firefox ESR \u003c 78.9, Firefox \u003c 87, and Thunderbird \u003c 78.9.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-23982",
          "url": "https://www.suse.com/security/cve/CVE-2021-23982"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183942 for CVE-2021-23982",
          "url": "https://bugzilla.suse.com/1183942"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-23982"
    },
    {
      "cve": "CVE-2021-23983",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-23983"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "By causing a transition on a parent node by removing a CSS rule, an invalid property for a marker could have been applied, resulting in memory corruption and a potentially exploitable crash. This vulnerability affects Firefox \u003c 87.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-23983",
          "url": "https://www.suse.com/security/cve/CVE-2021-23983"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183942 for CVE-2021-23983",
          "url": "https://bugzilla.suse.com/1183942"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-23983"
    },
    {
      "cve": "CVE-2021-23984",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-23984"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A malicious extension could have opened a popup window lacking an address bar. The title of the popup lacking an address bar should not be fully controllable, but in this situation was. This could have been used to spoof a website and attempt to trick the user into providing credentials. This vulnerability affects Firefox ESR \u003c 78.9, Firefox \u003c 87, and Thunderbird \u003c 78.9.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-23984",
          "url": "https://www.suse.com/security/cve/CVE-2021-23984"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183942 for CVE-2021-23984",
          "url": "https://bugzilla.suse.com/1183942"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-23984"
    },
    {
      "cve": "CVE-2021-23985",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-23985"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If an attacker is able to alter specific about:config values (for example malware running on the user\u0027s computer), the Devtools remote debugging feature could have been enabled in a way that was unnoticable to the user. This would have allowed a remote attacker (able to make a direct network connection to the victim) to monitor the user\u0027s browsing activity and (plaintext) network traffic. This was addressed by providing a visual cue when Devtools has an open network socket. This vulnerability affects Firefox \u003c 87.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-23985",
          "url": "https://www.suse.com/security/cve/CVE-2021-23985"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183942 for CVE-2021-23985",
          "url": "https://bugzilla.suse.com/1183942"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-23985"
    },
    {
      "cve": "CVE-2021-23986",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-23986"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A malicious extension with the \u0027search\u0027 permission could have installed a new search engine whose favicon referenced a cross-origin URL. The response to this cross-origin request could have been read by the extension, allowing a same-origin policy bypass by the extension, which should not have cross-origin permissions. This cross-origin request was made without cookies, so the sensitive information disclosed by the violation was limited to local-network resources or resources that perform IP-based authentication. This vulnerability affects Firefox \u003c 87.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-23986",
          "url": "https://www.suse.com/security/cve/CVE-2021-23986"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183942 for CVE-2021-23986",
          "url": "https://bugzilla.suse.com/1183942"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-23986"
    },
    {
      "cve": "CVE-2021-23987",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-23987"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers and community members reported memory safety bugs present in Firefox 86 and Firefox ESR 78.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR \u003c 78.9, Firefox \u003c 87, and Thunderbird \u003c 78.9.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-23987",
          "url": "https://www.suse.com/security/cve/CVE-2021-23987"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183942 for CVE-2021-23987",
          "url": "https://bugzilla.suse.com/1183942"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-23987"
    },
    {
      "cve": "CVE-2021-23988",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-23988"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers reported memory safety bugs present in Firefox 86. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 87.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-23988",
          "url": "https://www.suse.com/security/cve/CVE-2021-23988"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183942 for CVE-2021-23988",
          "url": "https://bugzilla.suse.com/1183942"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-23988"
    },
    {
      "cve": "CVE-2021-23994",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-23994"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound write. This vulnerability affects Firefox ESR \u003c 78.10, Thunderbird \u003c 78.10, and Firefox \u003c 88.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-23994",
          "url": "https://www.suse.com/security/cve/CVE-2021-23994"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1184960 for CVE-2021-23994",
          "url": "https://bugzilla.suse.com/1184960"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-23994"
    },
    {
      "cve": "CVE-2021-23995",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-23995"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When Responsive Design Mode was enabled, it used references to objects that were previously freed. We presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR \u003c 78.10, Thunderbird \u003c 78.10, and Firefox \u003c 88.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-23995",
          "url": "https://www.suse.com/security/cve/CVE-2021-23995"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1184960 for CVE-2021-23995",
          "url": "https://bugzilla.suse.com/1184960"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-23995"
    },
    {
      "cve": "CVE-2021-23996",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-23996"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "By utilizing 3D CSS in conjunction with Javascript, content could have been rendered outside the webpage\u0027s viewport, resulting in a spoofing attack that could have been used for phishing or other attacks on a user. This vulnerability affects Firefox \u003c 88.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-23996",
          "url": "https://www.suse.com/security/cve/CVE-2021-23996"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1184960 for CVE-2021-23996",
          "url": "https://bugzilla.suse.com/1184960"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-23996"
    },
    {
      "cve": "CVE-2021-23997",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-23997"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Due to unexpected data type conversions, a use-after-free could have occurred when interacting with the font cache. We presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 88.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-23997",
          "url": "https://www.suse.com/security/cve/CVE-2021-23997"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1184960 for CVE-2021-23997",
          "url": "https://bugzilla.suse.com/1184960"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-23997"
    },
    {
      "cve": "CVE-2021-23998",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-23998"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Through complicated navigations with new windows, an HTTP page could have inherited a secure lock icon from an HTTPS page. This vulnerability affects Firefox ESR \u003c 78.10, Thunderbird \u003c 78.10, and Firefox \u003c 88.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-23998",
          "url": "https://www.suse.com/security/cve/CVE-2021-23998"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1184960 for CVE-2021-23998",
          "url": "https://bugzilla.suse.com/1184960"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-23998"
    },
    {
      "cve": "CVE-2021-23999",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-23999"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System Principal and granted additional privileges that should not be granted to web content. This vulnerability affects Firefox ESR \u003c 78.10, Thunderbird \u003c 78.10, and Firefox \u003c 88.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-23999",
          "url": "https://www.suse.com/security/cve/CVE-2021-23999"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1184960 for CVE-2021-23999",
          "url": "https://bugzilla.suse.com/1184960"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-23999"
    },
    {
      "cve": "CVE-2021-24000",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-24000"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A race condition with requestPointerLock() and setTimeout() could have resulted in a user interacting with one tab when they believed they were on a separate tab. In conjunction with certain elements (such as \u0026lt;input type=\"file\"\u0026gt;) this could have led to an attack where a user was confused about the origin of the webpage and potentially disclosed information they did not intend to. This vulnerability affects Firefox \u003c 88.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-24000",
          "url": "https://www.suse.com/security/cve/CVE-2021-24000"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1184960 for CVE-2021-24000",
          "url": "https://bugzilla.suse.com/1184960"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-24000"
    },
    {
      "cve": "CVE-2021-24001",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-24001"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A compromised content process could have performed session history manipulations it should not have been able to due to testing infrastructure that was not restricted to testing-only configurations. This vulnerability affects Firefox \u003c 88.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-24001",
          "url": "https://www.suse.com/security/cve/CVE-2021-24001"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1184960 for CVE-2021-24001",
          "url": "https://bugzilla.suse.com/1184960"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-24001"
    },
    {
      "cve": "CVE-2021-24002",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-24002"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When a user clicked on an FTP URL containing encoded newline characters (%0A and %0D), the newlines would have been interpreted as such and allowed arbitrary commands to be sent to the FTP server. This vulnerability affects Firefox ESR \u003c 78.10, Thunderbird \u003c 78.10, and Firefox \u003c 88.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-24002",
          "url": "https://www.suse.com/security/cve/CVE-2021-24002"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1184960 for CVE-2021-24002",
          "url": "https://bugzilla.suse.com/1184960"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-24002"
    },
    {
      "cve": "CVE-2021-29944",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-29944"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Lack of escaping allowed HTML injection when a webpage was viewed in Reader View. While a Content Security Policy prevents direct code execution, HTML injection is still possible. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 88.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-29944",
          "url": "https://www.suse.com/security/cve/CVE-2021-29944"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1184960 for CVE-2021-29944",
          "url": "https://bugzilla.suse.com/1184960"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-29944"
    },
    {
      "cve": "CVE-2021-29945",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-29945"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The WebAssembly JIT could miscalculate the size of a return type, which could lead to a null read and result in a crash. *Note: This issue only affected x86-32 platforms. Other platforms are unaffected.*. This vulnerability affects Firefox ESR \u003c 78.10, Thunderbird \u003c 78.10, and Firefox \u003c 88.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-29945",
          "url": "https://www.suse.com/security/cve/CVE-2021-29945"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1184960 for CVE-2021-29945",
          "url": "https://bugzilla.suse.com/1184960"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-29945"
    },
    {
      "cve": "CVE-2021-29946",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-29946"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Ports that were written as an integer overflow above the bounds of a 16-bit integer could have bypassed port blocking restrictions when used in the Alt-Svc header. This vulnerability affects Firefox ESR \u003c 78.10, Thunderbird \u003c 78.10, and Firefox \u003c 88.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-29946",
          "url": "https://www.suse.com/security/cve/CVE-2021-29946"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1184960 for CVE-2021-29946",
          "url": "https://bugzilla.suse.com/1184960"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-29946"
    },
    {
      "cve": "CVE-2021-29947",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-29947"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers and community members reported memory safety bugs present in Firefox 87. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 88.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-29947",
          "url": "https://www.suse.com/security/cve/CVE-2021-29947"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1184960 for CVE-2021-29947",
          "url": "https://bugzilla.suse.com/1184960"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-29947"
    },
    {
      "cve": "CVE-2021-29952",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-29952"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When Web Render components were destructed, a race condition could have caused undefined behavior, and we presume that with enough effort may have been exploitable to run arbitrary code. This vulnerability affects Firefox \u003c 88.0.1 and Firefox for Android \u003c 88.1.3.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-29952",
          "url": "https://www.suse.com/security/cve/CVE-2021-29952"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1186196 for CVE-2021-29952",
          "url": "https://bugzilla.suse.com/1186196"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-29952"
    },
    {
      "cve": "CVE-2021-29959",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-29959"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When a user has already allowed a website to access microphone and camera, disabling camera sharing would not fully prevent the website from re-enabling it without an additional prompt. This was only possible if the website kept recording with the microphone until re-enabling the camera. This vulnerability affects Firefox \u003c 89.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-29959",
          "url": "https://www.suse.com/security/cve/CVE-2021-29959"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1186696 for CVE-2021-29959",
          "url": "https://bugzilla.suse.com/1186696"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-29959"
    },
    {
      "cve": "CVE-2021-29960",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-29960"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Firefox used to cache the last filename used for printing a file. When generating a filename for printing, Firefox usually suggests the web page title. The caching and suggestion techniques combined may have lead to the title of a website visited during private browsing mode being stored on disk. This vulnerability affects Firefox \u003c 89.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-29960",
          "url": "https://www.suse.com/security/cve/CVE-2021-29960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1186696 for CVE-2021-29960",
          "url": "https://bugzilla.suse.com/1186696"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-29960"
    },
    {
      "cve": "CVE-2021-29961",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-29961"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When styling and rendering an oversized `\u003cselect\u003e` element, Firefox did not apply correct clipping which allowed an attacker to paint over the user interface. This vulnerability affects Firefox \u003c 89.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-29961",
          "url": "https://www.suse.com/security/cve/CVE-2021-29961"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1186696 for CVE-2021-29961",
          "url": "https://bugzilla.suse.com/1186696"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-29961"
    },
    {
      "cve": "CVE-2021-29962",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-29962"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Firefox for Android would become unstable and hard-to-recover when a website opened too many popups. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 89.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-29962",
          "url": "https://www.suse.com/security/cve/CVE-2021-29962"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1186696 for CVE-2021-29962",
          "url": "https://bugzilla.suse.com/1186696"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-29962"
    },
    {
      "cve": "CVE-2021-29963",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-29963"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Address bar search suggestions in private browsing mode were re-using session data from normal mode. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 89.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-29963",
          "url": "https://www.suse.com/security/cve/CVE-2021-29963"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1186696 for CVE-2021-29963",
          "url": "https://bugzilla.suse.com/1186696"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-29963"
    },
    {
      "cve": "CVE-2021-29964",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-29964"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A locally-installed hostile program could send `WM_COPYDATA` messages that Firefox would process incorrectly, leading to an out-of-bounds read. *This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Thunderbird \u003c 78.11, Firefox \u003c 89, and Firefox ESR \u003c 78.11.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-29964",
          "url": "https://www.suse.com/security/cve/CVE-2021-29964"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1186696 for CVE-2021-29964",
          "url": "https://bugzilla.suse.com/1186696"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-29964"
    },
    {
      "cve": "CVE-2021-29965",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-29965"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A malicious website that causes an HTTP Authentication dialog to be spawned could trick the built-in password manager to suggest passwords for the currently active website instead of the website that triggered the dialog. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 89.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-29965",
          "url": "https://www.suse.com/security/cve/CVE-2021-29965"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1186696 for CVE-2021-29965",
          "url": "https://bugzilla.suse.com/1186696"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-29965"
    },
    {
      "cve": "CVE-2021-29966",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-29966"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers reported memory safety bugs present in Firefox 88. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 89.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-29966",
          "url": "https://www.suse.com/security/cve/CVE-2021-29966"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1186696 for CVE-2021-29966",
          "url": "https://bugzilla.suse.com/1186696"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-29966"
    },
    {
      "cve": "CVE-2021-29967",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-29967"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers reported memory safety bugs present in Firefox 88 and Firefox ESR 78.11. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 78.11, Firefox \u003c 89, and Firefox ESR \u003c 78.11.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-29967",
          "url": "https://www.suse.com/security/cve/CVE-2021-29967"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1186696 for CVE-2021-29967",
          "url": "https://bugzilla.suse.com/1186696"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-29967"
    },
    {
      "cve": "CVE-2021-29970",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-29970"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A malicious webpage could have triggered a use-after-free, memory corruption, and a potentially exploitable crash. *This bug could only be triggered when accessibility was enabled.*. This vulnerability affects Thunderbird \u003c 78.12, Firefox ESR \u003c 78.12, and Firefox \u003c 90.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-29970",
          "url": "https://www.suse.com/security/cve/CVE-2021-29970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1188275 for CVE-2021-29970",
          "url": "https://bugzilla.suse.com/1188275"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-29970"
    },
    {
      "cve": "CVE-2021-29971",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-29971"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If a user had granted a permission to a webpage and saved that grant, any webpage running on the same host - irrespective of scheme or port - would be granted that permission. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 90.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-29971",
          "url": "https://www.suse.com/security/cve/CVE-2021-29971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1188275 for CVE-2021-29971",
          "url": "https://bugzilla.suse.com/1188275"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-29971"
    },
    {
      "cve": "CVE-2021-29972",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-29972"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability was found via testing, and traced to an out-of-date Cairo library. Updating the library resolved the issue, and may have remediated other, unknown security vulnerabilities as well. This vulnerability affects Firefox \u003c 90.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-29972",
          "url": "https://www.suse.com/security/cve/CVE-2021-29972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1188275 for CVE-2021-29972",
          "url": "https://bugzilla.suse.com/1188275"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-29972"
    },
    {
      "cve": "CVE-2021-29973",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-29973"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Password autofill was enabled without user interaction on insecure websites on Firefox for Android. This was corrected to require user interaction with the page before a user\u0027s password would be entered by the browser\u0027s autofill functionality *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 90.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-29973",
          "url": "https://www.suse.com/security/cve/CVE-2021-29973"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1188275 for CVE-2021-29973",
          "url": "https://bugzilla.suse.com/1188275"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-29973"
    },
    {
      "cve": "CVE-2021-29974",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-29974"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When network partitioning was enabled, e.g. as a result of Enhanced Tracking Protection settings, a TLS error page would allow the user to override an error on a domain which had specified HTTP Strict Transport Security (which implies that the error should not be override-able.) This issue did not affect the network connections, and they were correctly upgraded to HTTPS automatically. This vulnerability affects Firefox \u003c 90.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-29974",
          "url": "https://www.suse.com/security/cve/CVE-2021-29974"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1188275 for CVE-2021-29974",
          "url": "https://bugzilla.suse.com/1188275"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-29974"
    },
    {
      "cve": "CVE-2021-29975",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-29975"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Through a series of DOM manipulations, a message, over which the attacker had control of the text but not HTML or formatting, could be overlaid on top of another domain (with the new domain correctly shown in the address bar) resulting in possible user confusion. This vulnerability affects Firefox \u003c 90.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-29975",
          "url": "https://www.suse.com/security/cve/CVE-2021-29975"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1188275 for CVE-2021-29975",
          "url": "https://bugzilla.suse.com/1188275"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-29975"
    },
    {
      "cve": "CVE-2021-29976",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-29976"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers reported memory safety bugs present in code shared between Firefox and Thunderbird. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 78.12, Firefox ESR \u003c 78.12, and Firefox \u003c 90.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-29976",
          "url": "https://www.suse.com/security/cve/CVE-2021-29976"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1188275 for CVE-2021-29976",
          "url": "https://bugzilla.suse.com/1188275"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-29976"
    },
    {
      "cve": "CVE-2021-29977",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-29977"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers reported memory safety bugs present in Firefox 89. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 90.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-29977",
          "url": "https://www.suse.com/security/cve/CVE-2021-29977"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1188275 for CVE-2021-29977",
          "url": "https://bugzilla.suse.com/1188275"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-29977"
    },
    {
      "cve": "CVE-2021-29980",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-29980"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Uninitialized memory in a canvas object could have caused an incorrect free() leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 78.13, Thunderbird \u003c 91, Firefox ESR \u003c 78.13, and Firefox \u003c 91.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-29980",
          "url": "https://www.suse.com/security/cve/CVE-2021-29980"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-29980"
    },
    {
      "cve": "CVE-2021-29981",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-29981"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue present in lowering/register allocation could have led to obscure but deterministic register confusion failures in JITted code that would lead to a potentially exploitable crash. This vulnerability affects Firefox \u003c 91 and Thunderbird \u003c 91.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-29981",
          "url": "https://www.suse.com/security/cve/CVE-2021-29981"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1189631 for CVE-2021-29981",
          "url": "https://bugzilla.suse.com/1189631"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-29981"
    },
    {
      "cve": "CVE-2021-29982",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-29982"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Due to incorrect JIT optimization, we incorrectly interpreted data from the wrong type of object, resulting in the potential leak of a single bit of memory. This vulnerability affects Firefox \u003c 91 and Thunderbird \u003c 91.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-29982",
          "url": "https://www.suse.com/security/cve/CVE-2021-29982"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1189630 for CVE-2021-29982",
          "url": "https://bugzilla.suse.com/1189630"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-29982"
    },
    {
      "cve": "CVE-2021-29983",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-29983"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Firefox for Android could get stuck in fullscreen mode and not exit it even after normal interactions that should cause it to exit. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 91.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-29983",
          "url": "https://www.suse.com/security/cve/CVE-2021-29983"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-29983"
    },
    {
      "cve": "CVE-2021-29984",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-29984"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Instruction reordering resulted in a sequence of instructions that would cause an object to be incorrectly considered during garbage collection. This led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 78.13, Thunderbird \u003c 91, Firefox ESR \u003c 78.13, and Firefox \u003c 91.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-29984",
          "url": "https://www.suse.com/security/cve/CVE-2021-29984"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-29984"
    },
    {
      "cve": "CVE-2021-29985",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-29985"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability in media channels could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 78.13, Thunderbird \u003c 91, Firefox ESR \u003c 78.13, and Firefox \u003c 91.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-29985",
          "url": "https://www.suse.com/security/cve/CVE-2021-29985"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-29985"
    },
    {
      "cve": "CVE-2021-29986",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-29986"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A suspected race condition when calling getaddrinfo led to memory corruption and a potentially exploitable crash. *Note: This issue only affected Linux operating systems. Other operating systems are unaffected.* This vulnerability affects Thunderbird \u003c 78.13, Thunderbird \u003c 91, Firefox ESR \u003c 78.13, and Firefox \u003c 91.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-29986",
          "url": "https://www.suse.com/security/cve/CVE-2021-29986"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-29986"
    },
    {
      "cve": "CVE-2021-29987",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-29987"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "After requesting multiple permissions, and closing the first permission panel, subsequent permission panels will be displayed in a different position but still record a click in the default location, making it possible to trick a user into accepting a permission they did not want to. *This bug only affects Firefox on Linux. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 91 and Thunderbird \u003c 91.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-29987",
          "url": "https://www.suse.com/security/cve/CVE-2021-29987"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1189629 for CVE-2021-29987",
          "url": "https://bugzilla.suse.com/1189629"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-29987"
    },
    {
      "cve": "CVE-2021-29988",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-29988"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Firefox incorrectly treated an inline list-item element as a block element, resulting in an out of bounds read or memory corruption, and a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 78.13, Thunderbird \u003c 91, Firefox ESR \u003c 78.13, and Firefox \u003c 91.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-29988",
          "url": "https://www.suse.com/security/cve/CVE-2021-29988"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-29988"
    },
    {
      "cve": "CVE-2021-29989",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-29989"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers reported memory safety bugs present in Firefox 90 and Firefox ESR 78.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 78.13, Firefox ESR \u003c 78.13, and Firefox \u003c 91.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-29989",
          "url": "https://www.suse.com/security/cve/CVE-2021-29989"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-29989"
    },
    {
      "cve": "CVE-2021-29990",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-29990"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers and community members reported memory safety bugs present in Firefox 90. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 91.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-29990",
          "url": "https://www.suse.com/security/cve/CVE-2021-29990"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1189628 for CVE-2021-29990",
          "url": "https://bugzilla.suse.com/1189628"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-29990"
    },
    {
      "cve": "CVE-2021-29991",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-29991"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Firefox incorrectly accepted a newline in a HTTP/3 header, interpretting it as two separate headers. This allowed for a header splitting attack against servers using HTTP/3. This vulnerability affects Firefox \u003c 91.0.1 and Thunderbird \u003c 91.0.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-29991",
          "url": "https://www.suse.com/security/cve/CVE-2021-29991"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1189547 for CVE-2021-29991",
          "url": "https://bugzilla.suse.com/1189547"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-29991"
    },
    {
      "cve": "CVE-2021-29993",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-29993"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Firefox for Android allowed navigations through the `intent://` protocol, which could be used to cause crashes and UI spoofs. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 92.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-29993",
          "url": "https://www.suse.com/security/cve/CVE-2021-29993"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1190269 for CVE-2021-29993",
          "url": "https://bugzilla.suse.com/1190269"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-29993"
    },
    {
      "cve": "CVE-2021-30547",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-30547"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-30547",
          "url": "https://www.suse.com/security/cve/CVE-2021-30547"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1187141 for CVE-2021-30547",
          "url": "https://bugzilla.suse.com/1187141"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1188275 for CVE-2021-30547",
          "url": "https://bugzilla.suse.com/1188275"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-30547"
    },
    {
      "cve": "CVE-2021-32810",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-32810"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "crossbeam-deque is a package of work-stealing deques for building task schedulers when programming in Rust. In versions prior to 0.7.4 and 0.8.0, the result of the race condition is that one or more tasks in the worker queue can be popped twice instead of other tasks that are forgotten and never popped. If tasks are allocated on the heap, this can cause double free and a memory leak. If not, this still can cause a logical bug. Crates using `Stealer::steal`, `Stealer::steal_batch`, or `Stealer::steal_batch_and_pop` are affected by this issue. This has been fixed in crossbeam-deque 0.8.1 and 0.7.4.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-32810",
          "url": "https://www.suse.com/security/cve/CVE-2021-32810"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1191332 for CVE-2021-32810",
          "url": "https://bugzilla.suse.com/1191332"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2021-32810"
    },
    {
      "cve": "CVE-2021-38491",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-38491"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mixed-content checks were unable to analyze opaque origins which led to some mixed content being loaded. This vulnerability affects Firefox \u003c 92.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-38491",
          "url": "https://www.suse.com/security/cve/CVE-2021-38491"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1190269 for CVE-2021-38491",
          "url": "https://bugzilla.suse.com/1190269"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-38491"
    },
    {
      "cve": "CVE-2021-38492",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-38492"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When delegating navigations to the operating system, Firefox would accept the `mk` scheme which might allow attackers to launch pages and execute scripts in Internet Explorer in unprivileged mode. *This bug only affects Firefox for Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 92, Thunderbird \u003c 91.1, Thunderbird \u003c 78.14, Firefox ESR \u003c 78.14, and Firefox ESR \u003c 91.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-38492",
          "url": "https://www.suse.com/security/cve/CVE-2021-38492"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1190269 for CVE-2021-38492",
          "url": "https://bugzilla.suse.com/1190269"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-38492"
    },
    {
      "cve": "CVE-2021-38493",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-38493"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers reported memory safety bugs present in Firefox 91 and Firefox ESR 78.13. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR \u003c 78.14, Thunderbird \u003c 78.14, and Firefox \u003c 92.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-38493",
          "url": "https://www.suse.com/security/cve/CVE-2021-38493"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1190269 for CVE-2021-38493",
          "url": "https://bugzilla.suse.com/1190269"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-38493"
    },
    {
      "cve": "CVE-2021-38494",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-38494"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers reported memory safety bugs present in Firefox 91. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 92.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-38494",
          "url": "https://www.suse.com/security/cve/CVE-2021-38494"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1190269 for CVE-2021-38494",
          "url": "https://bugzilla.suse.com/1190269"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-38494"
    },
    {
      "cve": "CVE-2021-38496",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-38496"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "During operations on MessageTasks, a task may have been removed while it was still scheduled, resulting in memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 78.15, Thunderbird \u003c 91.2, Firefox ESR \u003c 91.2, Firefox ESR \u003c 78.15, and Firefox \u003c 93.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-38496",
          "url": "https://www.suse.com/security/cve/CVE-2021-38496"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1191332 for CVE-2021-38496",
          "url": "https://bugzilla.suse.com/1191332"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-38496"
    },
    {
      "cve": "CVE-2021-38497",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-38497"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Through use of reportValidity() and window.open(), a plain-text validation message could have been overlaid on another origin, leading to possible user confusion and spoofing attacks. This vulnerability affects Firefox \u003c 93, Thunderbird \u003c 91.2, and Firefox ESR \u003c 91.2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-38497",
          "url": "https://www.suse.com/security/cve/CVE-2021-38497"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1191332 for CVE-2021-38497",
          "url": "https://bugzilla.suse.com/1191332"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-38497"
    },
    {
      "cve": "CVE-2021-38498",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-38498"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "During process shutdown, a document could have caused a use-after-free of a languages service object, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox \u003c 93, Thunderbird \u003c 91.2, and Firefox ESR \u003c 91.2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-38498",
          "url": "https://www.suse.com/security/cve/CVE-2021-38498"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1191332 for CVE-2021-38498",
          "url": "https://bugzilla.suse.com/1191332"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-38498"
    },
    {
      "cve": "CVE-2021-38499",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-38499"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers reported memory safety bugs present in Firefox 92. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 93.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-38499",
          "url": "https://www.suse.com/security/cve/CVE-2021-38499"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1191332 for CVE-2021-38499",
          "url": "https://bugzilla.suse.com/1191332"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-38499"
    },
    {
      "cve": "CVE-2021-38500",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-38500"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers reported memory safety bugs present in Firefox 92 and Firefox ESR 91.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 78.15, Thunderbird \u003c 91.2, Firefox ESR \u003c 91.2, Firefox ESR \u003c 78.15, and Firefox \u003c 93.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-38500",
          "url": "https://www.suse.com/security/cve/CVE-2021-38500"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1191332 for CVE-2021-38500",
          "url": "https://bugzilla.suse.com/1191332"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-38500"
    },
    {
      "cve": "CVE-2021-38501",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-38501"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers reported memory safety bugs present in Firefox 92 and Firefox ESR 91.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 93, Thunderbird \u003c 91.2, and Firefox ESR \u003c 91.2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-38501",
          "url": "https://www.suse.com/security/cve/CVE-2021-38501"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1191332 for CVE-2021-38501",
          "url": "https://bugzilla.suse.com/1191332"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-38501"
    },
    {
      "cve": "CVE-2021-38503",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-38503"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing scripts or navigating the top-level frame. This vulnerability affects Firefox \u003c 94, Thunderbird \u003c 91.3, and Firefox ESR \u003c 91.3.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-38503",
          "url": "https://www.suse.com/security/cve/CVE-2021-38503"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1192250 for CVE-2021-38503",
          "url": "https://bugzilla.suse.com/1192250"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-38503"
    },
    {
      "cve": "CVE-2021-38504",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-38504"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When interacting with an HTML input element\u0027s file picker dialog with webkitdirectory set, a use-after-free could have resulted, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox \u003c 94, Thunderbird \u003c 91.3, and Firefox ESR \u003c 91.3.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-38504",
          "url": "https://www.suse.com/security/cve/CVE-2021-38504"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1192250 for CVE-2021-38504",
          "url": "https://bugzilla.suse.com/1192250"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-38504"
    },
    {
      "cve": "CVE-2021-38505",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-38505"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Microsoft introduced a new feature in Windows 10 known as Cloud Clipboard which, if enabled, will record data copied to the clipboard to the cloud, and make it available on other computers in certain scenarios. Applications that wish to prevent copied data from being recorded in Cloud History must use specific clipboard formats; and Firefox before versions 94 and ESR 91.3 did not implement them. This could have caused sensitive data to be recorded to a user\u0027s Microsoft account. *This bug only affects Firefox for Windows 10+ with Cloud Clipboard enabled. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 94, Thunderbird \u003c 91.3, and Firefox ESR \u003c 91.3.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-38505",
          "url": "https://www.suse.com/security/cve/CVE-2021-38505"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1192250 for CVE-2021-38505",
          "url": "https://bugzilla.suse.com/1192250"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-38505"
    },
    {
      "cve": "CVE-2021-38506",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-38506"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Through a series of navigations, Firefox could have entered fullscreen mode without notification or warning to the user. This could lead to spoofing attacks on the browser UI including phishing. This vulnerability affects Firefox \u003c 94, Thunderbird \u003c 91.3, and Firefox ESR \u003c 91.3.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-38506",
          "url": "https://www.suse.com/security/cve/CVE-2021-38506"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1192250 for CVE-2021-38506",
          "url": "https://bugzilla.suse.com/1192250"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-38506"
    },
    {
      "cve": "CVE-2021-38507",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-38507"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Opportunistic Encryption feature of HTTP2 (RFC 8164) allows a connection to be transparently upgraded to TLS while retaining the visual properties of an HTTP connection, including being same-origin with unencrypted connections on port 80. However, if a second encrypted port on the same IP address (e.g. port 8443) did not opt-in to opportunistic encryption; a network attacker could forward a connection from the browser to port 443 to port 8443, causing the browser to treat the content of port 8443 as same-origin with HTTP. This was resolved by disabling the Opportunistic Encryption feature, which had low usage. This vulnerability affects Firefox \u003c 94, Thunderbird \u003c 91.3, and Firefox ESR \u003c 91.3.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-38507",
          "url": "https://www.suse.com/security/cve/CVE-2021-38507"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1192250 for CVE-2021-38507",
          "url": "https://bugzilla.suse.com/1192250"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-38507"
    },
    {
      "cve": "CVE-2021-38508",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-38508"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "By displaying a form validity message in the correct location at the same time as a permission prompt (such as for geolocation), the validity message could have obscured the prompt, resulting in the user potentially being tricked into granting the permission. This vulnerability affects Firefox \u003c 94, Thunderbird \u003c 91.3, and Firefox ESR \u003c 91.3.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-38508",
          "url": "https://www.suse.com/security/cve/CVE-2021-38508"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1192250 for CVE-2021-38508",
          "url": "https://bugzilla.suse.com/1192250"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-38508"
    },
    {
      "cve": "CVE-2021-38509",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-38509"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Due to an unusual sequence of attacker-controlled events, a Javascript alert() dialog with arbitrary (although unstyled) contents could be displayed over top an uncontrolled webpage of the attacker\u0027s choosing. This vulnerability affects Firefox \u003c 94, Thunderbird \u003c 91.3, and Firefox ESR \u003c 91.3.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-38509",
          "url": "https://www.suse.com/security/cve/CVE-2021-38509"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1192250 for CVE-2021-38509",
          "url": "https://bugzilla.suse.com/1192250"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-38509"
    },
    {
      "cve": "CVE-2021-38510",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-38510"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The executable file warning was not presented when downloading .inetloc files, which, due to a flaw in Mac OS, can run commands on a user\u0027s computer.*Note: This issue only affected Mac OS operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 94, Thunderbird \u003c 91.3, and Firefox ESR \u003c 91.3.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-38510",
          "url": "https://www.suse.com/security/cve/CVE-2021-38510"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1192250 for CVE-2021-38510",
          "url": "https://bugzilla.suse.com/1192250"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-38510"
    },
    {
      "cve": "CVE-2021-4140",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-4140"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This vulnerability affects Firefox ESR \u003c 91.5, Firefox \u003c 96, and Thunderbird \u003c 91.5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-4140",
          "url": "https://www.suse.com/security/cve/CVE-2021-4140"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1194547 for CVE-2021-4140",
          "url": "https://bugzilla.suse.com/1194547"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 10,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-4140"
    },
    {
      "cve": "CVE-2021-43536",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-43536"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Under certain circumstances, asynchronous functions could have caused a navigation to fail but expose the target URL. This vulnerability affects Thunderbird \u003c 91.4.0, Firefox ESR \u003c 91.4.0, and Firefox \u003c 95.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-43536",
          "url": "https://www.suse.com/security/cve/CVE-2021-43536"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1193485 for CVE-2021-43536",
          "url": "https://bugzilla.suse.com/1193485"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-43536"
    },
    {
      "cve": "CVE-2021-43537",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-43537"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An incorrect type conversion of sizes from 64bit to 32bit integers allowed an attacker to corrupt memory leading to a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 91.4.0, Firefox ESR \u003c 91.4.0, and Firefox \u003c 95.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-43537",
          "url": "https://www.suse.com/security/cve/CVE-2021-43537"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1193485 for CVE-2021-43537",
          "url": "https://bugzilla.suse.com/1193485"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-43537"
    },
    {
      "cve": "CVE-2021-43538",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-43538"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "By misusing a race in our notification code, an attacker could have forcefully hidden the notification for pages that had received full screen and pointer lock access, which could have been used for spoofing attacks. This vulnerability affects Thunderbird \u003c 91.4.0, Firefox ESR \u003c 91.4.0, and Firefox \u003c 95.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-43538",
          "url": "https://www.suse.com/security/cve/CVE-2021-43538"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1193485 for CVE-2021-43538",
          "url": "https://bugzilla.suse.com/1193485"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-43538"
    },
    {
      "cve": "CVE-2021-43539",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-43539"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Failure to correctly record the location of live pointers across wasm instance calls resulted in a GC occurring within the call not tracing those live pointers. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 91.4.0, Firefox ESR \u003c 91.4.0, and Firefox \u003c 95.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-43539",
          "url": "https://www.suse.com/security/cve/CVE-2021-43539"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1193485 for CVE-2021-43539",
          "url": "https://bugzilla.suse.com/1193485"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-43539"
    },
    {
      "cve": "CVE-2021-43540",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-43540"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "WebExtensions with the correct permissions were able to create and install ServiceWorkers for third-party websites that would not have been uninstalled with the extension. This vulnerability affects Firefox \u003c 95.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-43540",
          "url": "https://www.suse.com/security/cve/CVE-2021-43540"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1193485 for CVE-2021-43540",
          "url": "https://bugzilla.suse.com/1193485"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-43540"
    },
    {
      "cve": "CVE-2021-43541",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-43541"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When invoking protocol handlers for external protocols, a supplied parameter URL containing spaces was not properly escaped. This vulnerability affects Thunderbird \u003c 91.4.0, Firefox ESR \u003c 91.4.0, and Firefox \u003c 95.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-43541",
          "url": "https://www.suse.com/security/cve/CVE-2021-43541"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1193485 for CVE-2021-43541",
          "url": "https://bugzilla.suse.com/1193485"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-43541"
    },
    {
      "cve": "CVE-2021-43542",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-43542"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Using XMLHttpRequest, an attacker could have identified installed applications by probing error messages for loading external protocols. This vulnerability affects Thunderbird \u003c 91.4.0, Firefox ESR \u003c 91.4.0, and Firefox \u003c 95.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-43542",
          "url": "https://www.suse.com/security/cve/CVE-2021-43542"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1193485 for CVE-2021-43542",
          "url": "https://bugzilla.suse.com/1193485"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-43542"
    },
    {
      "cve": "CVE-2021-43543",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-43543"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Documents loaded with the CSP sandbox directive could have escaped the sandbox\u0027s script restriction by embedding additional content. This vulnerability affects Thunderbird \u003c 91.4.0, Firefox ESR \u003c 91.4.0, and Firefox \u003c 95.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-43543",
          "url": "https://www.suse.com/security/cve/CVE-2021-43543"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1193485 for CVE-2021-43543",
          "url": "https://bugzilla.suse.com/1193485"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-43543"
    },
    {
      "cve": "CVE-2021-43544",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-43544"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When receiving a URL through a SEND intent, Firefox would have searched for the text, but subsequent usages of the address bar might have caused the URL to load unintentionally, which could lead to XSS and spoofing attacks. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 95.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-43544",
          "url": "https://www.suse.com/security/cve/CVE-2021-43544"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1193485 for CVE-2021-43544",
          "url": "https://bugzilla.suse.com/1193485"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-43544"
    },
    {
      "cve": "CVE-2021-43545",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-43545"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Using the Location API in a loop could have caused severe application hangs and crashes. This vulnerability affects Thunderbird \u003c 91.4.0, Firefox ESR \u003c 91.4.0, and Firefox \u003c 95.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-43545",
          "url": "https://www.suse.com/security/cve/CVE-2021-43545"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1193485 for CVE-2021-43545",
          "url": "https://bugzilla.suse.com/1193485"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-43545"
    },
    {
      "cve": "CVE-2021-43546",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-43546"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "It was possible to recreate previous cursor spoofing attacks against users with a zoomed native cursor. This vulnerability affects Thunderbird \u003c 91.4.0, Firefox ESR \u003c 91.4.0, and Firefox \u003c 95.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-43546",
          "url": "https://www.suse.com/security/cve/CVE-2021-43546"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1193485 for CVE-2021-43546",
          "url": "https://bugzilla.suse.com/1193485"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-43546"
    },
    {
      "cve": "CVE-2022-0511",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0511"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers and community members Gabriele Svelto, Sebastian Hengst, Randell Jesup, Luan Herrera, Lars T Hansen, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 96. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 97.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0511",
          "url": "https://www.suse.com/security/cve/CVE-2022-0511"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195682 for CVE-2022-0511",
          "url": "https://bugzilla.suse.com/1195682"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2022-0511"
    },
    {
      "cve": "CVE-2022-0843",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0843"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers Kershaw Chang, Ryan VanderMeulen, and Randell Jesup reported memory safety bugs present in Firefox 97. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 98.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0843",
          "url": "https://www.suse.com/security/cve/CVE-2022-0843"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196900 for CVE-2022-0843",
          "url": "https://bugzilla.suse.com/1196900"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2022-0843"
    },
    {
      "cve": "CVE-2022-1097",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-1097"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "\u003ccode\u003eNSSToken\u003c/code\u003e objects were referenced via direct points, and could have been accessed in an unsafe way on different threads, leading to a use-after-free and potentially exploitable crash. This vulnerability affects Thunderbird \u003c 91.8, Firefox \u003c 99, and Firefox ESR \u003c 91.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-1097",
          "url": "https://www.suse.com/security/cve/CVE-2022-1097"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1197903 for CVE-2022-1097",
          "url": "https://bugzilla.suse.com/1197903"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-1097"
    },
    {
      "cve": "CVE-2022-1529",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-1529"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An attacker could have sent a message to the parent process where the contents were used to double-index into a JavaScript object, leading to prototype pollution and ultimately attacker-controlled JavaScript executing in the privileged parent process. This vulnerability affects Firefox ESR \u003c 91.9.1, Firefox \u003c 100.0.2, Firefox for Android \u003c 100.3.0, and Thunderbird \u003c 91.9.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-1529",
          "url": "https://www.suse.com/security/cve/CVE-2022-1529"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-1529"
    },
    {
      "cve": "CVE-2022-1802",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-1802"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context. This vulnerability affects Firefox ESR \u003c 91.9.1, Firefox \u003c 100.0.2, Firefox for Android \u003c 100.3.0, and Thunderbird \u003c 91.9.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-1802",
          "url": "https://www.suse.com/security/cve/CVE-2022-1802"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-1802"
    },
    {
      "cve": "CVE-2022-1919",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-1919"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use after free in Codecs in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-1919",
          "url": "https://www.suse.com/security/cve/CVE-2022-1919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200027 for CVE-2022-1919",
          "url": "https://bugzilla.suse.com/1200027"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-1919"
    },
    {
      "cve": "CVE-2022-2200",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-2200"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If an object prototype was corrupted by an attacker, they would have been able to set undesired attributes on a JavaScript object, leading to privileged code execution. This vulnerability affects Firefox \u003c 102, Firefox ESR \u003c 91.11, Thunderbird \u003c 102, and Thunderbird \u003c 91.11.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-2200",
          "url": "https://www.suse.com/security/cve/CVE-2022-2200"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-2200"
    },
    {
      "cve": "CVE-2022-22736",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-22736"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If Firefox was installed to a world-writable directory, a local privilege escalation could occur when Firefox searched the current directory for system libraries. However the install directory is not world-writable by default.\u003cbr\u003e*This bug only affects Firefox for Windows in a non-default installation. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 96.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-22736",
          "url": "https://www.suse.com/security/cve/CVE-2022-22736"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1194547 for CVE-2022-22736",
          "url": "https://bugzilla.suse.com/1194547"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-22736"
    },
    {
      "cve": "CVE-2022-22737",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-22737"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Constructing audio sinks could have lead to a race condition when playing audio files and closing windows. This could have lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR \u003c 91.5, Firefox \u003c 96, and Thunderbird \u003c 91.5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-22737",
          "url": "https://www.suse.com/security/cve/CVE-2022-22737"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1194547 for CVE-2022-22737",
          "url": "https://bugzilla.suse.com/1194547"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-22737"
    },
    {
      "cve": "CVE-2022-22738",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-22738"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Applying a CSS filter effect could have accessed out of bounds memory. This could have lead to a heap-buffer-overflow causing a potentially exploitable crash. This vulnerability affects Firefox ESR \u003c 91.5, Firefox \u003c 96, and Thunderbird \u003c 91.5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-22738",
          "url": "https://www.suse.com/security/cve/CVE-2022-22738"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1194547 for CVE-2022-22738",
          "url": "https://bugzilla.suse.com/1194547"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-22738"
    },
    {
      "cve": "CVE-2022-22739",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-22739"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Malicious websites could have tricked users into accepting launching a program to handle an external URL protocol. This vulnerability affects Firefox ESR \u003c 91.5, Firefox \u003c 96, and Thunderbird \u003c 91.5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-22739",
          "url": "https://www.suse.com/security/cve/CVE-2022-22739"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1194547 for CVE-2022-22739",
          "url": "https://bugzilla.suse.com/1194547"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-22739"
    },
    {
      "cve": "CVE-2022-22740",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-22740"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Certain network request objects were freed too early when releasing a network request handle. This could have lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR \u003c 91.5, Firefox \u003c 96, and Thunderbird \u003c 91.5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-22740",
          "url": "https://www.suse.com/security/cve/CVE-2022-22740"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1194547 for CVE-2022-22740",
          "url": "https://bugzilla.suse.com/1194547"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-22740"
    },
    {
      "cve": "CVE-2022-22741",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-22741"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When resizing a popup while requesting fullscreen access, the popup would have become unable to leave fullscreen mode. This vulnerability affects Firefox ESR \u003c 91.5, Firefox \u003c 96, and Thunderbird \u003c 91.5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-22741",
          "url": "https://www.suse.com/security/cve/CVE-2022-22741"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1194547 for CVE-2022-22741",
          "url": "https://bugzilla.suse.com/1194547"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-22741"
    },
    {
      "cve": "CVE-2022-22742",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-22742"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When inserting text while in edit mode, some characters might have lead to out-of-bounds memory access causing a potentially exploitable crash. This vulnerability affects Firefox ESR \u003c 91.5, Firefox \u003c 96, and Thunderbird \u003c 91.5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-22742",
          "url": "https://www.suse.com/security/cve/CVE-2022-22742"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1194547 for CVE-2022-22742",
          "url": "https://bugzilla.suse.com/1194547"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-22742"
    },
    {
      "cve": "CVE-2022-22743",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-22743"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When navigating from inside an iframe while requesting fullscreen access, an attacker-controlled tab could have made the browser unable to leave fullscreen mode. This vulnerability affects Firefox ESR \u003c 91.5, Firefox \u003c 96, and Thunderbird \u003c 91.5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-22743",
          "url": "https://www.suse.com/security/cve/CVE-2022-22743"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1194547 for CVE-2022-22743",
          "url": "https://bugzilla.suse.com/1194547"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-22743"
    },
    {
      "cve": "CVE-2022-22744",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-22744"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The constructed curl command from the \"Copy as curl\" feature in DevTools was not properly escaped for PowerShell. This could have lead to command injection if pasted into a Powershell prompt.\u003cbr\u003e*This bug only affects Thunderbird for Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR \u003c 91.5, Firefox \u003c 96, and Thunderbird \u003c 91.5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-22744",
          "url": "https://www.suse.com/security/cve/CVE-2022-22744"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1194547 for CVE-2022-22744",
          "url": "https://bugzilla.suse.com/1194547"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-22744"
    },
    {
      "cve": "CVE-2022-22745",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-22745"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations. This vulnerability affects Firefox ESR \u003c 91.5, Firefox \u003c 96, and Thunderbird \u003c 91.5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-22745",
          "url": "https://www.suse.com/security/cve/CVE-2022-22745"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1194547 for CVE-2022-22745",
          "url": "https://bugzilla.suse.com/1194547"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-22745"
    },
    {
      "cve": "CVE-2022-22746",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-22746"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A race condition could have allowed bypassing the fullscreen notification which could have lead to a fullscreen window spoof being unnoticed.\u003cbr\u003e*This bug only affects Firefox for Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR \u003c 91.5, Firefox \u003c 96, and Thunderbird \u003c 91.5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-22746",
          "url": "https://www.suse.com/security/cve/CVE-2022-22746"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1194547 for CVE-2022-22746",
          "url": "https://bugzilla.suse.com/1194547"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-22746"
    },
    {
      "cve": "CVE-2022-22747",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-22747"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have lead to a crash. This crash is believed to be unexploitable. This vulnerability affects Firefox ESR \u003c 91.5, Firefox \u003c 96, and Thunderbird \u003c 91.5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-22747",
          "url": "https://www.suse.com/security/cve/CVE-2022-22747"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1194547 for CVE-2022-22747",
          "url": "https://bugzilla.suse.com/1194547"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-22747"
    },
    {
      "cve": "CVE-2022-22748",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-22748"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Malicious websites could have confused Firefox into showing the wrong origin when asking to launch a program and handling an external URL protocol. This vulnerability affects Firefox ESR \u003c 91.5, Firefox \u003c 96, and Thunderbird \u003c 91.5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-22748",
          "url": "https://www.suse.com/security/cve/CVE-2022-22748"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1194547 for CVE-2022-22748",
          "url": "https://bugzilla.suse.com/1194547"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-22748"
    },
    {
      "cve": "CVE-2022-22749",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-22749"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When scanning QR codes, Firefox for Android would have allowed navigation to some URLs that do not point to web content.\u003cbr\u003e*This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 96.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-22749",
          "url": "https://www.suse.com/security/cve/CVE-2022-22749"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1194547 for CVE-2022-22749",
          "url": "https://bugzilla.suse.com/1194547"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-22749"
    },
    {
      "cve": "CVE-2022-22750",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-22750"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "By generally accepting and passing resource handles across processes, a compromised content process might have confused higher privileged processes to interact with handles that the unprivileged process should not have access to.\u003cbr\u003e*This bug only affects Firefox for Windows and MacOS. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 96.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-22750",
          "url": "https://www.suse.com/security/cve/CVE-2022-22750"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1194547 for CVE-2022-22750",
          "url": "https://bugzilla.suse.com/1194547"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-22750"
    },
    {
      "cve": "CVE-2022-22751",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-22751"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR 91.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR \u003c 91.5, Firefox \u003c 96, and Thunderbird \u003c 91.5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-22751",
          "url": "https://www.suse.com/security/cve/CVE-2022-22751"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1194547 for CVE-2022-22751",
          "url": "https://bugzilla.suse.com/1194547"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-22751"
    },
    {
      "cve": "CVE-2022-22752",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-22752"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers Christian Holler and Jason Kratzer reported memory safety bugs present in Firefox 95. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 96.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-22752",
          "url": "https://www.suse.com/security/cve/CVE-2022-22752"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1194547 for CVE-2022-22752",
          "url": "https://bugzilla.suse.com/1194547"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-22752"
    },
    {
      "cve": "CVE-2022-22753",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-22753"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A Time-of-Check Time-of-Use bug existed in the Maintenance (Updater) Service that could be abused to grant Users write access to an arbitrary directory. This could have been used to escalate to SYSTEM access.\u003cbr\u003e*This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 97, Thunderbird \u003c 91.6, and Firefox ESR \u003c 91.6.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-22753",
          "url": "https://www.suse.com/security/cve/CVE-2022-22753"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195682 for CVE-2022-22753",
          "url": "https://bugzilla.suse.com/1195682"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2022-22753"
    },
    {
      "cve": "CVE-2022-22754",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-22754"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If a user installed an extension of a particular type, the extension could have auto-updated itself and while doing so, bypass the prompt which grants the new version the new requested permissions. This vulnerability affects Firefox \u003c 97, Thunderbird \u003c 91.6, and Firefox ESR \u003c 91.6.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-22754",
          "url": "https://www.suse.com/security/cve/CVE-2022-22754"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195682 for CVE-2022-22754",
          "url": "https://bugzilla.suse.com/1195682"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2022-22754"
    },
    {
      "cve": "CVE-2022-22755",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-22755"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "By using XSL Transforms, a malicious webserver could have served a user an XSL document that would continue to execute JavaScript (within the bounds of the same-origin policy) even after the tab was closed. This vulnerability affects Firefox \u003c 97.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-22755",
          "url": "https://www.suse.com/security/cve/CVE-2022-22755"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195682 for CVE-2022-22755",
          "url": "https://bugzilla.suse.com/1195682"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2022-22755"
    },
    {
      "cve": "CVE-2022-22756",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-22756"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If a user was convinced to drag and drop an image to their desktop or other folder, the resulting object could have been changed into an executable script which would have run arbitrary code after the user clicked on it. This vulnerability affects Firefox \u003c 97, Thunderbird \u003c 91.6, and Firefox ESR \u003c 91.6.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-22756",
          "url": "https://www.suse.com/security/cve/CVE-2022-22756"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195682 for CVE-2022-22756",
          "url": "https://bugzilla.suse.com/1195682"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2022-22756"
    },
    {
      "cve": "CVE-2022-22757",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-22757"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Remote Agent, used in WebDriver, did not validate the Host or Origin headers. This could have allowed websites to connect back locally to the user\u0027s browser to control it. \u003cbr\u003e*This bug only affected Firefox when WebDriver was enabled, which is not the default configuration.*. This vulnerability affects Firefox \u003c 97.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-22757",
          "url": "https://www.suse.com/security/cve/CVE-2022-22757"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195682 for CVE-2022-22757",
          "url": "https://bugzilla.suse.com/1195682"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2022-22757"
    },
    {
      "cve": "CVE-2022-22758",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-22758"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When clicking on a tel: link, USSD codes, specified after a \u003ccode\u003e\\*\u003c/code\u003e character, would be included in the phone number. On certain phones, or on certain carriers, if the number was dialed this could perform actions on a user\u0027s account, similar to a cross-site request forgery attack.\u003cbr\u003e*This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 97.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-22758",
          "url": "https://www.suse.com/security/cve/CVE-2022-22758"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195682 for CVE-2022-22758",
          "url": "https://bugzilla.suse.com/1195682"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2022-22758"
    },
    {
      "cve": "CVE-2022-22759",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-22759"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If a document created a sandboxed iframe without \u003ccode\u003eallow-scripts\u003c/code\u003e, and subsequently appended an element to the iframe\u0027s document that e.g. had a JavaScript event handler - the event handler would have run despite the iframe\u0027s sandbox. This vulnerability affects Firefox \u003c 97, Thunderbird \u003c 91.6, and Firefox ESR \u003c 91.6.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-22759",
          "url": "https://www.suse.com/security/cve/CVE-2022-22759"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195682 for CVE-2022-22759",
          "url": "https://bugzilla.suse.com/1195682"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.6,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2022-22759"
    },
    {
      "cve": "CVE-2022-22760",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-22760"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When importing resources using Web Workers, error messages would distinguish the difference between \u003ccode\u003eapplication/javascript\u003c/code\u003e responses and non-script responses. This could have been abused to learn information cross-origin. This vulnerability affects Firefox \u003c 97, Thunderbird \u003c 91.6, and Firefox ESR \u003c 91.6.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-22760",
          "url": "https://www.suse.com/security/cve/CVE-2022-22760"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195682 for CVE-2022-22760",
          "url": "https://bugzilla.suse.com/1195682"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2022-22760"
    },
    {
      "cve": "CVE-2022-22761",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-22761"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Web-accessible extension pages (pages with a moz-extension:// scheme) were not correctly enforcing the frame-ancestors directive when it was used in the Web Extension\u0027s Content Security Policy. This vulnerability affects Firefox \u003c 97, Thunderbird \u003c 91.6, and Firefox ESR \u003c 91.6.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-22761",
          "url": "https://www.suse.com/security/cve/CVE-2022-22761"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195682 for CVE-2022-22761",
          "url": "https://bugzilla.suse.com/1195682"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2022-22761"
    },
    {
      "cve": "CVE-2022-22762",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-22762"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Under certain circumstances, a JavaScript alert (or prompt) could have been shown while another website was displayed underneath it. This could have been abused to trick the user. \u003cbr\u003e*This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 97.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-22762",
          "url": "https://www.suse.com/security/cve/CVE-2022-22762"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195682 for CVE-2022-22762",
          "url": "https://bugzilla.suse.com/1195682"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2022-22762"
    },
    {
      "cve": "CVE-2022-22764",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-22764"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers Paul Adenot and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 96 and Firefox ESR 91.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 97, Thunderbird \u003c 91.6, and Firefox ESR \u003c 91.6.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-22764",
          "url": "https://www.suse.com/security/cve/CVE-2022-22764"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195682 for CVE-2022-22764",
          "url": "https://bugzilla.suse.com/1195682"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2022-22764"
    },
    {
      "cve": "CVE-2022-24713",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-24713"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "regex is an implementation of regular expressions for the Rust language. The regex crate features built-in mitigations to prevent denial of service attacks caused by untrusted regexes, or untrusted input matched by trusted regexes. Those (tunable) mitigations already provide sane defaults to prevent attacks. This guarantee is documented and it\u0027s considered part of the crate\u0027s API. Unfortunately a bug was discovered in the mitigations designed to prevent untrusted regexes to take an arbitrary amount of time during parsing, and it\u0027s possible to craft regexes that bypass such mitigations. This makes it possible to perform denial of service attacks by sending specially crafted regexes to services accepting user-controlled, untrusted regexes. All versions of the regex crate before or equal to 1.5.4 are affected by this issue. The fix is include starting from regex 1.5.5. All users accepting user-controlled regexes are recommended to upgrade immediately to the latest version of the regex crate. Unfortunately there is no fixed set of problematic regexes, as there are practically infinite regexes that could be crafted to exploit this vulnerability. Because of this, it us not recommend to deny known problematic regexes.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-24713",
          "url": "https://www.suse.com/security/cve/CVE-2022-24713"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196972 for CVE-2022-24713",
          "url": "https://bugzilla.suse.com/1196972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1197903 for CVE-2022-24713",
          "url": "https://bugzilla.suse.com/1197903"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-24713"
    },
    {
      "cve": "CVE-2022-2505",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-2505"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 102. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR \u003c 102.1, Firefox \u003c 103, and Thunderbird \u003c 102.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-2505",
          "url": "https://www.suse.com/security/cve/CVE-2022-2505"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-2505"
    },
    {
      "cve": "CVE-2022-26381",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-26381"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An attacker could have caused a use-after-free by forcing a text reflow in an SVG object leading to a potentially exploitable crash. This vulnerability affects Firefox \u003c 98, Firefox ESR \u003c 91.7, and Thunderbird \u003c 91.7.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-26381",
          "url": "https://www.suse.com/security/cve/CVE-2022-26381"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196900 for CVE-2022-26381",
          "url": "https://bugzilla.suse.com/1196900"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2022-26381"
    },
    {
      "cve": "CVE-2022-26382",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-26382"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "While the text displayed in Autofill tooltips cannot be directly read by JavaScript, the text was rendered using page fonts. Side-channel attacks on the text by using specially crafted fonts could have lead to this text being inferred by the webpage. This vulnerability affects Firefox \u003c 98.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-26382",
          "url": "https://www.suse.com/security/cve/CVE-2022-26382"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196900 for CVE-2022-26382",
          "url": "https://bugzilla.suse.com/1196900"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2022-26382"
    },
    {
      "cve": "CVE-2022-26383",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-26383"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When resizing a popup after requesting fullscreen access, the popup would not display the fullscreen notification. This vulnerability affects Firefox \u003c 98, Firefox ESR \u003c 91.7, and Thunderbird \u003c 91.7.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-26383",
          "url": "https://www.suse.com/security/cve/CVE-2022-26383"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196900 for CVE-2022-26383",
          "url": "https://bugzilla.suse.com/1196900"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2022-26383"
    },
    {
      "cve": "CVE-2022-26384",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-26384"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If an attacker could control the contents of an iframe sandboxed with \u003ccode\u003eallow-popups\u003c/code\u003e but not \u003ccode\u003eallow-scripts\u003c/code\u003e, they were able to craft a link that, when clicked, would lead to JavaScript execution in violation of the sandbox. This vulnerability affects Firefox \u003c 98, Firefox ESR \u003c 91.7, and Thunderbird \u003c 91.7.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-26384",
          "url": "https://www.suse.com/security/cve/CVE-2022-26384"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196900 for CVE-2022-26384",
          "url": "https://bugzilla.suse.com/1196900"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.6,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2022-26384"
    },
    {
      "cve": "CVE-2022-26385",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-26385"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In unusual circumstances, an individual thread may outlive the thread\u0027s manager during shutdown. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox \u003c 98.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-26385",
          "url": "https://www.suse.com/security/cve/CVE-2022-26385"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196900 for CVE-2022-26385",
          "url": "https://bugzilla.suse.com/1196900"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2022-26385"
    },
    {
      "cve": "CVE-2022-26387",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-26387"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When installing an add-on, Firefox verified the signature before prompting the user; but while the user was confirming the prompt, the underlying add-on file could have been modified and Firefox would not have noticed. This vulnerability affects Firefox \u003c 98, Firefox ESR \u003c 91.7, and Thunderbird \u003c 91.7.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-26387",
          "url": "https://www.suse.com/security/cve/CVE-2022-26387"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196900 for CVE-2022-26387",
          "url": "https://bugzilla.suse.com/1196900"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2022-26387"
    },
    {
      "cve": "CVE-2022-28281",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-28281"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If a compromised content process sent an unexpected number of WebAuthN Extensions in a Register command to the parent process, an out of bounds write would have occurred leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 91.8, Firefox \u003c 99, and Firefox ESR \u003c 91.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-28281",
          "url": "https://www.suse.com/security/cve/CVE-2022-28281"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1197903 for CVE-2022-28281",
          "url": "https://bugzilla.suse.com/1197903"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-28281"
    },
    {
      "cve": "CVE-2022-28282",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-28282"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "By using a link with \u003ccode\u003erel=\"localization\"\u003c/code\u003e a use-after-free could have been triggered by destroying an object during JavaScript execution and then referencing the object through a freed pointer, leading to a potential exploitable crash. This vulnerability affects Thunderbird \u003c 91.8, Firefox \u003c 99, and Firefox ESR \u003c 91.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-28282",
          "url": "https://www.suse.com/security/cve/CVE-2022-28282"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1197903 for CVE-2022-28282",
          "url": "https://bugzilla.suse.com/1197903"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-28282"
    },
    {
      "cve": "CVE-2022-28283",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-28283"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The sourceMapURL feature in devtools was missing security checks that would have allowed a webpage to attempt to include local files or other files that should have been inaccessible. This vulnerability affects Firefox \u003c 99.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-28283",
          "url": "https://www.suse.com/security/cve/CVE-2022-28283"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1197903 for CVE-2022-28283",
          "url": "https://bugzilla.suse.com/1197903"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-28283"
    },
    {
      "cve": "CVE-2022-28284",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-28284"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "SVG\u0027s \u003ccode\u003e\u0026lt;use\u0026gt;\u003c/code\u003e element could have been used to load unexpected content that could have executed script in certain circumstances. While the specification seems to allow this, other browsers do not, and web developers relied on this property for script security so gecko\u0027s implementation was aligned with theirs. This vulnerability affects Firefox \u003c 99.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-28284",
          "url": "https://www.suse.com/security/cve/CVE-2022-28284"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1197903 for CVE-2022-28284",
          "url": "https://bugzilla.suse.com/1197903"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-28284"
    },
    {
      "cve": "CVE-2022-28285",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-28285"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When generating the assembly code for \u003ccode\u003eMLoadTypedArrayElementHole\u003c/code\u003e, an incorrect AliasSet was used. In conjunction with another vulnerability this could have been used for an out of bounds memory read. This vulnerability affects Thunderbird \u003c 91.8, Firefox \u003c 99, and Firefox ESR \u003c 91.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-28285",
          "url": "https://www.suse.com/security/cve/CVE-2022-28285"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1197903 for CVE-2022-28285",
          "url": "https://bugzilla.suse.com/1197903"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-28285"
    },
    {
      "cve": "CVE-2022-28286",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-28286"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Due to a layout change, iframe contents could have been rendered outside of its border. This could have led to user confusion or spoofing attacks. This vulnerability affects Thunderbird \u003c 91.8, Firefox \u003c 99, and Firefox ESR \u003c 91.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-28286",
          "url": "https://www.suse.com/security/cve/CVE-2022-28286"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1197903 for CVE-2022-28286",
          "url": "https://bugzilla.suse.com/1197903"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-28286"
    },
    {
      "cve": "CVE-2022-28287",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-28287"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In unusual circumstances, selecting text could cause text selection caching to behave incorrectly, leading to a crash. This vulnerability affects Firefox \u003c 99.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-28287",
          "url": "https://www.suse.com/security/cve/CVE-2022-28287"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1197903 for CVE-2022-28287",
          "url": "https://bugzilla.suse.com/1197903"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-28287"
    },
    {
      "cve": "CVE-2022-28288",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-28288"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers and community members Randell Jesup, Sebastian Hengst, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 98. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 99.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-28288",
          "url": "https://www.suse.com/security/cve/CVE-2022-28288"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1197903 for CVE-2022-28288",
          "url": "https://bugzilla.suse.com/1197903"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-28288"
    },
    {
      "cve": "CVE-2022-28289",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-28289"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers and community members Nika Layzell, Andrew McCreight, Gabriele Svelto, and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 91.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 91.8, Firefox \u003c 99, and Firefox ESR \u003c 91.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-28289",
          "url": "https://www.suse.com/security/cve/CVE-2022-28289"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1197903 for CVE-2022-28289",
          "url": "https://bugzilla.suse.com/1197903"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-28289"
    },
    {
      "cve": "CVE-2022-29909",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-29909"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Documents in deeply-nested cross-origin browsing contexts could have obtained permissions granted to the top-level origin, bypassing the existing prompt and wrongfully inheriting the top-level permissions. This vulnerability affects Thunderbird \u003c 91.9, Firefox ESR \u003c 91.9, and Firefox \u003c 100.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-29909",
          "url": "https://www.suse.com/security/cve/CVE-2022-29909"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-29909"
    },
    {
      "cve": "CVE-2022-29910",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-29910"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When closed or sent to the background, Firefox for Android would not properly record and persist HSTS settings.\u003cbr\u003e*Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 100.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-29910",
          "url": "https://www.suse.com/security/cve/CVE-2022-29910"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-29910"
    },
    {
      "cve": "CVE-2022-29911",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-29911"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An improper implementation of the new iframe sandbox keyword \u003ccode\u003eallow-top-navigation-by-user-activation\u003c/code\u003e could lead to script execution without \u003ccode\u003eallow-scripts\u003c/code\u003e being present. This vulnerability affects Thunderbird \u003c 91.9, Firefox ESR \u003c 91.9, and Firefox \u003c 100.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-29911",
          "url": "https://www.suse.com/security/cve/CVE-2022-29911"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-29911"
    },
    {
      "cve": "CVE-2022-29912",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-29912"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Requests initiated through reader mode did not properly omit cookies with a SameSite attribute. This vulnerability affects Thunderbird \u003c 91.9, Firefox ESR \u003c 91.9, and Firefox \u003c 100.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-29912",
          "url": "https://www.suse.com/security/cve/CVE-2022-29912"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-29912"
    },
    {
      "cve": "CVE-2022-29914",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-29914"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When reusing existing popups Firefox would have allowed them to cover the fullscreen notification UI, which could have enabled browser spoofing attacks. This vulnerability affects Thunderbird \u003c 91.9, Firefox ESR \u003c 91.9, and Firefox \u003c 100.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-29914",
          "url": "https://www.suse.com/security/cve/CVE-2022-29914"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-29914"
    },
    {
      "cve": "CVE-2022-29915",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-29915"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Performance API did not properly hide the fact whether a request cross-origin resource has observed redirects. This vulnerability affects Firefox \u003c 100.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-29915",
          "url": "https://www.suse.com/security/cve/CVE-2022-29915"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-29915"
    },
    {
      "cve": "CVE-2022-29916",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-29916"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Firefox behaved slightly differently for already known resources when loading CSS resources involving CSS variables. This could have been used to probe the browser history. This vulnerability affects Thunderbird \u003c 91.9, Firefox ESR \u003c 91.9, and Firefox \u003c 100.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-29916",
          "url": "https://www.suse.com/security/cve/CVE-2022-29916"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-29916"
    },
    {
      "cve": "CVE-2022-29917",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-29917"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers Andrew McCreight, Gabriele Svelto, Tom Ritter and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 99 and Firefox ESR 91.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 91.9, Firefox ESR \u003c 91.9, and Firefox \u003c 100.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-29917",
          "url": "https://www.suse.com/security/cve/CVE-2022-29917"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-29917"
    },
    {
      "cve": "CVE-2022-29918",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-29918"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers Gabriele Svelto, Randell Jesup and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 99. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 100.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-29918",
          "url": "https://www.suse.com/security/cve/CVE-2022-29918"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-29918"
    },
    {
      "cve": "CVE-2022-31736",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-31736"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A malicious website could have learned the size of a cross-origin resource that supported Range requests. This vulnerability affects Thunderbird \u003c 91.10, Firefox \u003c 101, and Firefox ESR \u003c 91.10.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-31736",
          "url": "https://www.suse.com/security/cve/CVE-2022-31736"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200027 for CVE-2022-31736",
          "url": "https://bugzilla.suse.com/1200027"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-31736"
    },
    {
      "cve": "CVE-2022-31737",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-31737"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A malicious webpage could have caused an out-of-bounds write in WebGL, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 91.10, Firefox \u003c 101, and Firefox ESR \u003c 91.10.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-31737",
          "url": "https://www.suse.com/security/cve/CVE-2022-31737"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200027 for CVE-2022-31737",
          "url": "https://bugzilla.suse.com/1200027"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-31737"
    },
    {
      "cve": "CVE-2022-31738",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-31738"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When exiting fullscreen mode, an iframe could have confused the browser about the current state of fullscreen, resulting in potential user confusion or spoofing attacks. This vulnerability affects Thunderbird \u003c 91.10, Firefox \u003c 101, and Firefox ESR \u003c 91.10.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-31738",
          "url": "https://www.suse.com/security/cve/CVE-2022-31738"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200027 for CVE-2022-31738",
          "url": "https://bugzilla.suse.com/1200027"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-31738"
    },
    {
      "cve": "CVE-2022-31739",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-31739"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When downloading files on Windows, the % character was not escaped, which could have lead to a download incorrectly being saved to attacker-influenced paths that used variables such as %HOMEPATH% or %APPDATA%.\u003cbr\u003e*This bug only affects Firefox for Windows. Other operating systems are unaffected.*. This vulnerability affects Thunderbird \u003c 91.10, Firefox \u003c 101, and Firefox ESR \u003c 91.10.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-31739",
          "url": "https://www.suse.com/security/cve/CVE-2022-31739"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200027 for CVE-2022-31739",
          "url": "https://bugzilla.suse.com/1200027"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-31739"
    },
    {
      "cve": "CVE-2022-31740",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-31740"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "On arm64, WASM code could have resulted in incorrect assembly generation leading to a register allocation problem, and a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 91.10, Firefox \u003c 101, and Firefox ESR \u003c 91.10.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-31740",
          "url": "https://www.suse.com/security/cve/CVE-2022-31740"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200027 for CVE-2022-31740",
          "url": "https://bugzilla.suse.com/1200027"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-31740"
    },
    {
      "cve": "CVE-2022-31741",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-31741"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A crafted CMS message could have been processed incorrectly, leading to an invalid memory read, and potentially further memory corruption. This vulnerability affects Thunderbird \u003c 91.10, Firefox \u003c 101, and Firefox ESR \u003c 91.10.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-31741",
          "url": "https://www.suse.com/security/cve/CVE-2022-31741"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200027 for CVE-2022-31741",
          "url": "https://bugzilla.suse.com/1200027"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-31741"
    },
    {
      "cve": "CVE-2022-31742",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-31742"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An attacker could have exploited a timing attack by sending a large number of allowCredential entries and detecting the difference between invalid key handles and cross-origin key handles. This could have led to cross-origin account linking in violation of WebAuthn goals. This vulnerability affects Thunderbird \u003c 91.10, Firefox \u003c 101, and Firefox ESR \u003c 91.10.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-31742",
          "url": "https://www.suse.com/security/cve/CVE-2022-31742"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200027 for CVE-2022-31742",
          "url": "https://bugzilla.suse.com/1200027"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-31742"
    },
    {
      "cve": "CVE-2022-31743",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-31743"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Firefox\u0027s HTML parser did not correctly interpret HTML comment tags, resulting in an incongruity with other browsers. This could have been used to escape HTML comments on pages that put user-controlled data in them. This vulnerability affects Firefox \u003c 101.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-31743",
          "url": "https://www.suse.com/security/cve/CVE-2022-31743"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200027 for CVE-2022-31743",
          "url": "https://bugzilla.suse.com/1200027"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-31743"
    },
    {
      "cve": "CVE-2022-31744",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-31744"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An attacker could have injected CSS into stylesheets accessible via internal URIs, such as resource:, and in doing so bypass a page\u0027s Content Security Policy. This vulnerability affects Firefox ESR \u003c 91.11, Thunderbird \u003c 102, Thunderbird \u003c 91.11, and Firefox \u003c 101.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-31744",
          "url": "https://www.suse.com/security/cve/CVE-2022-31744"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200027 for CVE-2022-31744",
          "url": "https://bugzilla.suse.com/1200027"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-31744"
    },
    {
      "cve": "CVE-2022-31745",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-31745"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If array shift operations are not used, the Garbage Collector may have become confused about valid objects. This vulnerability affects Firefox \u003c 101.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-31745",
          "url": "https://www.suse.com/security/cve/CVE-2022-31745"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200027 for CVE-2022-31745",
          "url": "https://bugzilla.suse.com/1200027"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-31745"
    },
    {
      "cve": "CVE-2022-31747",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-31747"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers Andrew McCreight, Nicolas B. Pierron, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 100 and Firefox ESR 91.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 91.10, Firefox \u003c 101, and Firefox ESR \u003c 91.10.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-31747",
          "url": "https://www.suse.com/security/cve/CVE-2022-31747"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200027 for CVE-2022-31747",
          "url": "https://bugzilla.suse.com/1200027"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-31747"
    },
    {
      "cve": "CVE-2022-31748",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-31748"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers Gabriele Svelto, Timothy Nikkel, Randell Jesup, Jon Coppeard, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 100. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 101.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-31748",
          "url": "https://www.suse.com/security/cve/CVE-2022-31748"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200027 for CVE-2022-31748",
          "url": "https://bugzilla.suse.com/1200027"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-31748"
    },
    {
      "cve": "CVE-2022-34468",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-34468"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An iframe that was not permitted to run scripts could do so if the user clicked on a \u003ccode\u003ejavascript:\u003c/code\u003e link. This vulnerability affects Firefox \u003c 102, Firefox ESR \u003c 91.11, Thunderbird \u003c 102, and Thunderbird \u003c 91.11.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-34468",
          "url": "https://www.suse.com/security/cve/CVE-2022-34468"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-34468"
    },
    {
      "cve": "CVE-2022-34469",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-34469"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When a TLS Certificate error occurs on a domain protected by the HSTS header, the browser should not allow the user to bypass the certificate error. On Firefox for Android, the user was presented with the option to bypass the error; this could only have been done by the user explicitly. \u003cbr\u003e*This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 102.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-34469",
          "url": "https://www.suse.com/security/cve/CVE-2022-34469"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-34469"
    },
    {
      "cve": "CVE-2022-34470",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-34470"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Session history navigations may have led to a use-after-free and potentially exploitable crash. This vulnerability affects Firefox \u003c 102, Firefox ESR \u003c 91.11, Thunderbird \u003c 102, and Thunderbird \u003c 91.11.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-34470",
          "url": "https://www.suse.com/security/cve/CVE-2022-34470"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-34470"
    },
    {
      "cve": "CVE-2022-34471",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-34471"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When downloading an update for an addon, the downloaded addon update\u0027s version was not verified to match the version selected from the manifest. If the manifest had been tampered with on the server, an attacker could trick the browser into downgrading the addon to a prior version. This vulnerability affects Firefox \u003c 102.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-34471",
          "url": "https://www.suse.com/security/cve/CVE-2022-34471"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-34471"
    },
    {
      "cve": "CVE-2022-34472",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-34472"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If there was a PAC URL set and the server that hosts the PAC was not reachable, OCSP requests would have been blocked, resulting in incorrect error pages being shown. This vulnerability affects Firefox \u003c 102, Firefox ESR \u003c 91.11, Thunderbird \u003c 102, and Thunderbird \u003c 91.11.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-34472",
          "url": "https://www.suse.com/security/cve/CVE-2022-34472"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-34472"
    },
    {
      "cve": "CVE-2022-34473",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-34473"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The HTML Sanitizer should have sanitized the \u003ccode\u003ehref\u003c/code\u003e attribute of SVG \u003ccode\u003e\u0026lt;use\u0026gt;\u003c/code\u003e tags; however it incorrectly did not sanitize \u003ccode\u003exlink:href\u003c/code\u003e attributes. This vulnerability affects Firefox \u003c 102.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-34473",
          "url": "https://www.suse.com/security/cve/CVE-2022-34473"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-34473"
    },
    {
      "cve": "CVE-2022-34474",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-34474"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Even when an iframe was sandboxed with \u003ccode\u003eallow-top-navigation-by-user-activation\u003c/code\u003e, if it received a redirect header to an external protocol the browser would process the redirect and prompt the user as appropriate. This vulnerability affects Firefox \u003c 102.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-34474",
          "url": "https://www.suse.com/security/cve/CVE-2022-34474"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-34474"
    },
    {
      "cve": "CVE-2022-34475",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-34475"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "SVG \u003ccode\u003e\u0026lt;use\u0026gt;\u003c/code\u003e tags that referenced a same-origin document could have resulted in script execution if attacker input was sanitized via the HTML Sanitizer API. This would have required the attacker to reference a same-origin JavaScript file containing the script to be executed. This vulnerability affects Firefox \u003c 102.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-34475",
          "url": "https://www.suse.com/security/cve/CVE-2022-34475"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-34475"
    },
    {
      "cve": "CVE-2022-34476",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-34476"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "ASN.1 parsing of an indefinite SEQUENCE inside an indefinite GROUP could have resulted in the parser accepting malformed ASN.1. This vulnerability affects Firefox \u003c 102.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-34476",
          "url": "https://www.suse.com/security/cve/CVE-2022-34476"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-34476"
    },
    {
      "cve": "CVE-2022-34477",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-34477"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The MediaError message property should be consistent to avoid leaking information about cross-origin resources; however for a same-site cross-origin resource, the message could have leaked information enabling XS-Leaks attacks. This vulnerability affects Firefox \u003c 102.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-34477",
          "url": "https://www.suse.com/security/cve/CVE-2022-34477"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-34477"
    },
    {
      "cve": "CVE-2022-34478",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-34478"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The \u003ccode\u003ems-msdt\u003c/code\u003e, \u003ccode\u003esearch\u003c/code\u003e, and \u003ccode\u003esearch-ms\u003c/code\u003e protocols deliver content to Microsoft applications, bypassing the browser, when a user accepts a prompt. These applications have had known vulnerabilities, exploited in the wild (although we know of none exploited through Thunderbird), so in this release Thunderbird has blocked these protocols from prompting the user to open them.\u003cbr\u003e*This bug only affects Thunderbird on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 102, Firefox ESR \u003c 91.11, Thunderbird \u003c 102, and Thunderbird \u003c 91.11.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-34478",
          "url": "https://www.suse.com/security/cve/CVE-2022-34478"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-34478"
    },
    {
      "cve": "CVE-2022-34479",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-34479"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A malicious website that could create a popup could have resized the popup to overlay the address bar with its own content, resulting in potential user confusion or spoofing attacks. \u003cbr\u003e*This bug only affects Thunderbird for Linux. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 102, Firefox ESR \u003c 91.11, Thunderbird \u003c 102, and Thunderbird \u003c 91.11.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-34479",
          "url": "https://www.suse.com/security/cve/CVE-2022-34479"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-34479"
    },
    {
      "cve": "CVE-2022-34480",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-34480"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Within the \u003ccode\u003elg_init()\u003c/code\u003e function, if several allocations succeed but then one fails, an uninitialized pointer would have been freed despite never being allocated. This vulnerability affects Firefox \u003c 102.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-34480",
          "url": "https://www.suse.com/security/cve/CVE-2022-34480"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-34480"
    },
    {
      "cve": "CVE-2022-34481",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-34481"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the \u003ccode\u003ensTArray_Impl::ReplaceElementsAt()\u003c/code\u003e function, an integer overflow could have occurred when the number of elements to replace was too large for the container. This vulnerability affects Firefox \u003c 102, Firefox ESR \u003c 91.11, Thunderbird \u003c 102, and Thunderbird \u003c 91.11.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-34481",
          "url": "https://www.suse.com/security/cve/CVE-2022-34481"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-34481"
    },
    {
      "cve": "CVE-2022-34482",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-34482"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An attacker who could have convinced a user to drag and drop an image to a filesystem could have manipulated the resulting filename to contain an executable extension, and by extension potentially tricked the user into executing malicious code. While very similar, this is a separate issue from CVE-2022-34483. This vulnerability affects Firefox \u003c 102.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-34482",
          "url": "https://www.suse.com/security/cve/CVE-2022-34482"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-34482"
    },
    {
      "cve": "CVE-2022-34483",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-34483"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An attacker who could have convinced a user to drag and drop an image to a filesystem could have manipulated the resulting filename to contain an executable extension, and by extension potentially tricked the user into executing malicious code. While very similar, this is a separate issue from CVE-2022-34482. This vulnerability affects Firefox \u003c 102.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-34483",
          "url": "https://www.suse.com/security/cve/CVE-2022-34483"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-34483"
    },
    {
      "cve": "CVE-2022-34484",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-34484"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Mozilla Fuzzing Team reported potential vulnerabilities present in Thunderbird 91.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 102, Firefox ESR \u003c 91.11, Thunderbird \u003c 102, and Thunderbird \u003c 91.11.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-34484",
          "url": "https://www.suse.com/security/cve/CVE-2022-34484"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-34484"
    },
    {
      "cve": "CVE-2022-34485",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-34485"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers Bryce Seager van Dyk and the Mozilla Fuzzing Team reported potential vulnerabilities present in Firefox 101. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 102.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-34485",
          "url": "https://www.suse.com/security/cve/CVE-2022-34485"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-34485"
    },
    {
      "cve": "CVE-2022-36314",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-36314"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When opening a Windows shortcut from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system.\u003cbr\u003eThis bug only affects Firefox for Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR \u003c 102.1, Firefox \u003c 103, and Thunderbird \u003c 102.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-36314",
          "url": "https://www.suse.com/security/cve/CVE-2022-36314"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-36314"
    },
    {
      "cve": "CVE-2022-36315",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-36315"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When loading a script with Subresource Integrity, attackers with an injection capability could trigger the reuse of previously cached entries with incorrect, different integrity metadata. This vulnerability affects Firefox \u003c 103.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-36315",
          "url": "https://www.suse.com/security/cve/CVE-2022-36315"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-36315"
    },
    {
      "cve": "CVE-2022-36316",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-36316"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When using the Performance API, an attacker was able to notice subtle differences between PerformanceEntries and thus learn whether the target URL had been subject to a redirect. This vulnerability affects Firefox \u003c 103.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-36316",
          "url": "https://www.suse.com/security/cve/CVE-2022-36316"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-36316"
    },
    {
      "cve": "CVE-2022-36317",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-36317"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When visiting a website with an overly long URL, the user interface would start to hang. Due to session restore, this could lead to a permanent Denial of Service.\u003cbr\u003e*This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 103.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-36317",
          "url": "https://www.suse.com/security/cve/CVE-2022-36317"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-36317"
    },
    {
      "cve": "CVE-2022-36318",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-36318"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When visiting directory listings for `chrome://` URLs as source text, some parameters were reflected. This vulnerability affects Firefox ESR \u003c 102.1, Firefox ESR \u003c 91.12, Firefox \u003c 103, Thunderbird \u003c 102.1, and Thunderbird \u003c 91.12.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-36318",
          "url": "https://www.suse.com/security/cve/CVE-2022-36318"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-36318"
    },
    {
      "cve": "CVE-2022-36319",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-36319"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When combining CSS properties for overflow and transform, the mouse cursor could interact with different coordinates than displayed. This vulnerability affects Firefox ESR \u003c 102.1, Firefox ESR \u003c 91.12, Firefox \u003c 103, Thunderbird \u003c 102.1, and Thunderbird \u003c 91.12.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-36319",
          "url": "https://www.suse.com/security/cve/CVE-2022-36319"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-36319"
    },
    {
      "cve": "CVE-2022-36320",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-36320"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 102. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 103.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-36320",
          "url": "https://www.suse.com/security/cve/CVE-2022-36320"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2022-36320"
    },
    {
      "cve": "CVE-2022-38472",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-38472"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An attacker could have abused XSLT error handling to associate attacker-controlled content with another origin which was displayed in the address bar. This could have been used to fool the user into submitting data intended for the spoofed origin. This vulnerability affects Thunderbird \u003c 102.2, Thunderbird \u003c 91.13, Firefox ESR \u003c 91.13, Firefox ESR \u003c 102.2, and Firefox \u003c 104.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-38472",
          "url": "https://www.suse.com/security/cve/CVE-2022-38472"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1202645 for CVE-2022-38472",
          "url": "https://bugzilla.suse.com/1202645"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1205832 for CVE-2022-38472",
          "url": "https://bugzilla.suse.com/1205832"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-38472"
    },
    {
      "cve": "CVE-2022-38473",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-38473"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A cross-origin iframe referencing an XSLT document would inherit the parent domain\u0027s permissions (such as microphone or camera access). This vulnerability affects Thunderbird \u003c 102.2, Thunderbird \u003c 91.13, Firefox ESR \u003c 91.13, Firefox ESR \u003c 102.2, and Firefox \u003c 104.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-38473",
          "url": "https://www.suse.com/security/cve/CVE-2022-38473"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1202645 for CVE-2022-38473",
          "url": "https://bugzilla.suse.com/1202645"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-38473"
    },
    {
      "cve": "CVE-2022-38474",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-38474"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A website that had permission to access the microphone could record audio without the audio notification being shown. This bug does not allow the attacker to bypass the permission prompt - it only affects the notification shown once permission has been granted.\u003cbr /\u003e*This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 104.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-38474",
          "url": "https://www.suse.com/security/cve/CVE-2022-38474"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1202645 for CVE-2022-38474",
          "url": "https://bugzilla.suse.com/1202645"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-38474"
    },
    {
      "cve": "CVE-2022-38475",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-38475"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An attacker could have written a value to the first element in a zero-length JavaScript array. Although the array was zero-length, the value was not written to an invalid memory address. This vulnerability affects Firefox \u003c 104.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-38475",
          "url": "https://www.suse.com/security/cve/CVE-2022-38475"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1202645 for CVE-2022-38475",
          "url": "https://bugzilla.suse.com/1202645"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-38475"
    },
    {
      "cve": "CVE-2022-38477",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-38477"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developer Nika Layzell and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 103 and Firefox ESR 102.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR \u003c 102.2, Thunderbird \u003c 102.2, and Firefox \u003c 104.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-38477",
          "url": "https://www.suse.com/security/cve/CVE-2022-38477"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1202645 for CVE-2022-38477",
          "url": "https://bugzilla.suse.com/1202645"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-38477"
    },
    {
      "cve": "CVE-2022-38478",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-38478"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Members the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 103, Firefox ESR 102.1, and Firefox ESR 91.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 102.2, Thunderbird \u003c 91.13, Firefox ESR \u003c 91.13, Firefox ESR \u003c 102.2, and Firefox \u003c 104.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-38478",
          "url": "https://www.suse.com/security/cve/CVE-2022-38478"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1202645 for CVE-2022-38478",
          "url": "https://bugzilla.suse.com/1202645"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-38478"
    },
    {
      "cve": "CVE-2022-40674",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-40674"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-40674",
          "url": "https://www.suse.com/security/cve/CVE-2022-40674"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1203438 for CVE-2022-40674",
          "url": "https://bugzilla.suse.com/1203438"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204099 for CVE-2022-40674",
          "url": "https://bugzilla.suse.com/1204099"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204177 for CVE-2022-40674",
          "url": "https://bugzilla.suse.com/1204177"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204509 for CVE-2022-40674",
          "url": "https://bugzilla.suse.com/1204509"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1205077 for CVE-2022-40674",
          "url": "https://bugzilla.suse.com/1205077"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1205285 for CVE-2022-40674",
          "url": "https://bugzilla.suse.com/1205285"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1205527 for CVE-2022-40674",
          "url": "https://bugzilla.suse.com/1205527"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1205598 for CVE-2022-40674",
          "url": "https://bugzilla.suse.com/1205598"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1208339 for CVE-2022-40674",
          "url": "https://bugzilla.suse.com/1208339"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1208753 for CVE-2022-40674",
          "url": "https://bugzilla.suse.com/1208753"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-40674"
    },
    {
      "cve": "CVE-2022-40956",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-40956"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When injecting an HTML base element, some requests would ignore the CSP\u0027s base-uri settings and accept the injected element\u0027s base instead. This vulnerability affects Firefox ESR \u003c 102.3, Thunderbird \u003c 102.3, and Firefox \u003c 105.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-40956",
          "url": "https://www.suse.com/security/cve/CVE-2022-40956"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-40956"
    },
    {
      "cve": "CVE-2022-40957",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-40957"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Inconsistent data in instruction and data cache when creating wasm code could lead to a potentially exploitable crash.\u003cbr\u003e*This bug only affects Firefox on ARM64 platforms.*. This vulnerability affects Firefox ESR \u003c 102.3, Thunderbird \u003c 102.3, and Firefox \u003c 105.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-40957",
          "url": "https://www.suse.com/security/cve/CVE-2022-40957"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-40957"
    },
    {
      "cve": "CVE-2022-40958",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-40958"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "By injecting a cookie with certain special characters, an attacker on a shared subdomain which is not a secure context could set and thus overwrite cookies from a secure context, leading to session fixation and other attacks. This vulnerability affects Firefox ESR \u003c 102.3, Thunderbird \u003c 102.3, and Firefox \u003c 105.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-40958",
          "url": "https://www.suse.com/security/cve/CVE-2022-40958"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-40958"
    },
    {
      "cve": "CVE-2022-40959",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-40959"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "During iframe navigation, certain pages did not have their FeaturePolicy fully initialized leading to a bypass that leaked device permissions into untrusted subdocuments. This vulnerability affects Firefox ESR \u003c 102.3, Thunderbird \u003c 102.3, and Firefox \u003c 105.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-40959",
          "url": "https://www.suse.com/security/cve/CVE-2022-40959"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-40959"
    },
    {
      "cve": "CVE-2022-40960",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-40960"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Concurrent use of the URL parser with non-UTF-8 data was not thread-safe. This could lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR \u003c 102.3, Thunderbird \u003c 102.3, and Firefox \u003c 105.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-40960",
          "url": "https://www.suse.com/security/cve/CVE-2022-40960"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-40960"
    },
    {
      "cve": "CVE-2022-40961",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-40961"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "During startup, a graphics driver with an unexpected name could lead to a stack-buffer overflow causing a potentially exploitable crash.\u003cbr\u003e*This issue only affects Firefox for Android. Other operating systems are not affected.*. This vulnerability affects Firefox \u003c 105.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-40961",
          "url": "https://www.suse.com/security/cve/CVE-2022-40961"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-40961"
    },
    {
      "cve": "CVE-2022-40962",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-40962"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers Nika Layzell, Timothy Nikkel, Sebastian Hengst, Andreas Pehrson, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 104 and Firefox ESR 102.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR \u003c 102.3, Thunderbird \u003c 102.3, and Firefox \u003c 105.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-40962",
          "url": "https://www.suse.com/security/cve/CVE-2022-40962"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-40962"
    },
    {
      "cve": "CVE-2022-42927",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-42927"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A same-origin policy violation could have allowed the theft of cross-origin URL entries, leaking the result of a redirect, via `performance.getEntries()`. This vulnerability affects Firefox \u003c 106, Firefox ESR \u003c 102.4, and Thunderbird \u003c 102.4.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-42927",
          "url": "https://www.suse.com/security/cve/CVE-2022-42927"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-42927"
    },
    {
      "cve": "CVE-2022-42928",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-42928"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Certain types of allocations were missing annotations that, if the Garbage Collector was in a specific state, could have lead to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox \u003c 106, Firefox ESR \u003c 102.4, and Thunderbird \u003c 102.4.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-42928",
          "url": "https://www.suse.com/security/cve/CVE-2022-42928"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-42928"
    },
    {
      "cve": "CVE-2022-42929",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-42929"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If a website called `window.print()` in a particular way, it could cause a denial of service of the browser, which may persist beyond browser restart depending on the user\u0027s session restore settings. This vulnerability affects Firefox \u003c 106, Firefox ESR \u003c 102.4, and Thunderbird \u003c 102.4.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-42929",
          "url": "https://www.suse.com/security/cve/CVE-2022-42929"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-42929"
    },
    {
      "cve": "CVE-2022-42930",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-42930"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If two Workers were simultaneously initializing their CacheStorage, a data race could have occurred in the `ThirdPartyUtil` component. This vulnerability affects Firefox \u003c 106.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-42930",
          "url": "https://www.suse.com/security/cve/CVE-2022-42930"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-42930"
    },
    {
      "cve": "CVE-2022-42931",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-42931"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Logins saved by Firefox should be managed by the Password Manager component which uses encryption to save files on-disk. Instead, the username (not password) was saved by the Form Manager to an unencrypted file on disk. This vulnerability affects Firefox \u003c 106.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-42931",
          "url": "https://www.suse.com/security/cve/CVE-2022-42931"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-42931"
    },
    {
      "cve": "CVE-2022-42932",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-42932"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers Ashley Hale and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 105 and Firefox ESR 102.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 106, Firefox ESR \u003c 102.4, and Thunderbird \u003c 102.4.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-42932",
          "url": "https://www.suse.com/security/cve/CVE-2022-42932"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-42932"
    },
    {
      "cve": "CVE-2022-45403",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-45403"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Service Workers should not be able to infer information about opaque cross-origin responses; but timing information for cross-origin media combined with Range requests might have allowed them to determine the presence or length of a media file. This vulnerability affects Firefox ESR \u003c 102.5, Thunderbird \u003c 102.5, and Firefox \u003c 107.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-45403",
          "url": "https://www.suse.com/security/cve/CVE-2022-45403"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2022-45403"
    },
    {
      "cve": "CVE-2022-45404",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-45404"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Through a series of popup and \u003ccode\u003ewindow.print()\u003c/code\u003e calls, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR \u003c 102.5, Thunderbird \u003c 102.5, and Firefox \u003c 107.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-45404",
          "url": "https://www.suse.com/security/cve/CVE-2022-45404"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2022-45404"
    },
    {
      "cve": "CVE-2022-45405",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-45405"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Freeing arbitrary \u003ccode\u003ensIInputStream\u003c/code\u003e\u0027s on a different thread than creation could have led to a use-after-free and potentially exploitable crash. This vulnerability affects Firefox ESR \u003c 102.5, Thunderbird \u003c 102.5, and Firefox \u003c 107.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-45405",
          "url": "https://www.suse.com/security/cve/CVE-2022-45405"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2022-45405"
    },
    {
      "cve": "CVE-2022-45406",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-45406"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If an out-of-memory condition occurred when creating a JavaScript global, a JavaScript realm may be deleted while references to it lived on in a BaseShape. This could lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR \u003c 102.5, Thunderbird \u003c 102.5, and Firefox \u003c 107.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-45406",
          "url": "https://www.suse.com/security/cve/CVE-2022-45406"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2022-45406"
    },
    {
      "cve": "CVE-2022-45407",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-45407"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If an attacker loaded a font using \u003ccode\u003eFontFace()\u003c/code\u003e on a background worker, a use-after-free could have occurred, leading to a potentially exploitable crash. This vulnerability affects Firefox \u003c 107.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-45407",
          "url": "https://www.suse.com/security/cve/CVE-2022-45407"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2022-45407"
    },
    {
      "cve": "CVE-2022-45408",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-45408"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Through a series of popups that reuse windowName, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR \u003c 102.5, Thunderbird \u003c 102.5, and Firefox \u003c 107.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-45408",
          "url": "https://www.suse.com/security/cve/CVE-2022-45408"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2022-45408"
    },
    {
      "cve": "CVE-2022-45409",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-45409"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The garbage collector could have been aborted in several states and zones and \u003ccode\u003eGCRuntime::finishCollection\u003c/code\u003e may not have been called, leading to a use-after-free and potentially exploitable crash. This vulnerability affects Firefox ESR \u003c 102.5, Thunderbird \u003c 102.5, and Firefox \u003c 107.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-45409",
          "url": "https://www.suse.com/security/cve/CVE-2022-45409"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2022-45409"
    },
    {
      "cve": "CVE-2022-45410",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-45410"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When a ServiceWorker intercepted a request with \u003ccode\u003eFetchEvent\u003c/code\u003e, the origin of the request was lost after the ServiceWorker took ownership of it. This had the effect of negating SameSite cookie protections. This was addressed in the spec and then in browsers. This vulnerability affects Firefox ESR \u003c 102.5, Thunderbird \u003c 102.5, and Firefox \u003c 107.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-45410",
          "url": "https://www.suse.com/security/cve/CVE-2022-45410"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2022-45410"
    },
    {
      "cve": "CVE-2022-45411",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-45411"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Cross-Site Tracing occurs when a server will echo a request back via the Trace method, allowing an XSS attack to access to authorization headers and cookies inaccessible to JavaScript (such as cookies protected by HTTPOnly). To mitigate this attack, browsers placed limits on \u003ccode\u003efetch()\u003c/code\u003e and XMLHttpRequest; however some webservers have implemented non-standard headers such as \u003ccode\u003eX-Http-Method-Override\u003c/code\u003e that override the HTTP method, and made this attack possible again. Thunderbird has applied the same mitigations to the use of this and similar headers. This vulnerability affects Firefox ESR \u003c 102.5, Thunderbird \u003c 102.5, and Firefox \u003c 107.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-45411",
          "url": "https://www.suse.com/security/cve/CVE-2022-45411"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2022-45411"
    },
    {
      "cve": "CVE-2022-45412",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-45412"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When resolving a symlink such as \u003ccode\u003efile:///proc/self/fd/1\u003c/code\u003e, an error message may be produced where the symlink was resolved to a string containing unitialized memory in the buffer. \u003cbr\u003e*This bug only affects Thunderbird on Unix-based operated systems (Android, Linux, MacOS). Windows is unaffected.*. This vulnerability affects Firefox ESR \u003c 102.5, Thunderbird \u003c 102.5, and Firefox \u003c 107.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-45412",
          "url": "https://www.suse.com/security/cve/CVE-2022-45412"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2022-45412"
    },
    {
      "cve": "CVE-2022-45413",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-45413"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Using the \u003ccode\u003eS.browser_fallback_url parameter\u003c/code\u003e parameter, an attacker could redirect a user to a URL and cause SameSite=Strict cookies to be sent.\u003cbr\u003e*This issue only affects Firefox for Android. Other operating systems are not affected.*. This vulnerability affects Firefox \u003c 107.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-45413",
          "url": "https://www.suse.com/security/cve/CVE-2022-45413"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2022-45413"
    },
    {
      "cve": "CVE-2022-45415",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-45415"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When downloading an HTML file, if the title of the page was formatted as a filename with a malicious extension, Firefox may have saved the file with that extension, leading to possible system compromise if the downloaded file was later ran. This vulnerability affects Firefox \u003c 107.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-45415",
          "url": "https://www.suse.com/security/cve/CVE-2022-45415"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2022-45415"
    },
    {
      "cve": "CVE-2022-45416",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-45416"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Keyboard events reference strings like \"KeyA\" that were at fixed, known, and widely-spread addresses. Cache-based timing attacks such as Prime+Probe could have possibly figured out which keys were being pressed. This vulnerability affects Firefox ESR \u003c 102.5, Thunderbird \u003c 102.5, and Firefox \u003c 107.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-45416",
          "url": "https://www.suse.com/security/cve/CVE-2022-45416"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2022-45416"
    },
    {
      "cve": "CVE-2022-45417",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-45417"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Service Workers did not detect Private Browsing Mode correctly in all cases, which could have led to Service Workers being written to disk for websites visited in Private Browsing Mode. This would not have persisted them in a state where they would run again, but it would have leaked Private Browsing Mode details to disk. This vulnerability affects Firefox \u003c 107.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-45417",
          "url": "https://www.suse.com/security/cve/CVE-2022-45417"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1224420 for CVE-2022-45417",
          "url": "https://bugzilla.suse.com/1224420"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2022-45417"
    },
    {
      "cve": "CVE-2022-45418",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-45418"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If a custom mouse cursor is specified in CSS, under certain circumstances the cursor could have been drawn over the browser UI, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR \u003c 102.5, Thunderbird \u003c 102.5, and Firefox \u003c 107.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-45418",
          "url": "https://www.suse.com/security/cve/CVE-2022-45418"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2022-45418"
    },
    {
      "cve": "CVE-2022-45419",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-45419"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If the user added a security exception for an invalid TLS certificate, opened an ongoing TLS connection with a server that used that certificate, and then deleted the exception, Firefox would have kept the connection alive, making it seem like the certificate was still trusted. This vulnerability affects Firefox \u003c 107.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-45419",
          "url": "https://www.suse.com/security/cve/CVE-2022-45419"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2022-45419"
    },
    {
      "cve": "CVE-2022-45420",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-45420"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use tables inside of an iframe, an attacker could have caused iframe contents to be rendered outside the boundaries of the iframe, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR \u003c 102.5, Thunderbird \u003c 102.5, and Firefox \u003c 107.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-45420",
          "url": "https://www.suse.com/security/cve/CVE-2022-45420"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2022-45420"
    },
    {
      "cve": "CVE-2022-45421",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-45421"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers Andrew McCreight and Gabriele Svelto reported memory safety bugs present in Thunderbird 102.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR \u003c 102.5, Thunderbird \u003c 102.5, and Firefox \u003c 107.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-45421",
          "url": "https://www.suse.com/security/cve/CVE-2022-45421"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1206343 for CVE-2022-45421",
          "url": "https://bugzilla.suse.com/1206343"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2022-45421"
    },
    {
      "cve": "CVE-2022-46871",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-46871"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This vulnerability affects Firefox \u003c 108.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-46871",
          "url": "https://www.suse.com/security/cve/CVE-2022-46871"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1206242 for CVE-2022-46871",
          "url": "https://bugzilla.suse.com/1206242"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2022-46871"
    },
    {
      "cve": "CVE-2022-46872",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-46872"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An attacker who compromised a content process could have partially escaped the sandbox to read arbitrary files via clipboard-related IPC messages.\u003cbr\u003e*This bug only affects Thunderbird for Linux. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 108, Firefox ESR \u003c 102.6, and Thunderbird \u003c 102.6.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-46872",
          "url": "https://www.suse.com/security/cve/CVE-2022-46872"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1206242 for CVE-2022-46872",
          "url": "https://bugzilla.suse.com/1206242"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2022-46872"
    },
    {
      "cve": "CVE-2022-46873",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-46873"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Because Firefox did not implement the \u003ccode\u003eunsafe-hashes\u003c/code\u003e CSP directive, an attacker who was able to inject markup into a page otherwise protected by a Content Security Policy may have been able to inject executable script. This would be severely constrained by the specified Content Security Policy of the document. This vulnerability affects Firefox \u003c 108.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-46873",
          "url": "https://www.suse.com/security/cve/CVE-2022-46873"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1206242 for CVE-2022-46873",
          "url": "https://bugzilla.suse.com/1206242"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2022-46873"
    },
    {
      "cve": "CVE-2022-46874",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-46874"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A file with a long filename could have had its filename truncated to remove the valid extension, leaving a malicious extension in its place. This could potentially led to user confusion and the execution of malicious code.\u003cbr/\u003e*Note*: This issue was originally included in the advisories for Thunderbird 102.6, but a patch (specific to Thunderbird) was omitted, resulting in it actually being fixed in Thunderbird 102.6.1. This vulnerability affects Firefox \u003c 108, Thunderbird \u003c 102.6.1, Thunderbird \u003c 102.6, and Firefox ESR \u003c 102.6.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-46874",
          "url": "https://www.suse.com/security/cve/CVE-2022-46874"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1206242 for CVE-2022-46874",
          "url": "https://bugzilla.suse.com/1206242"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1206653 for CVE-2022-46874",
          "url": "https://bugzilla.suse.com/1206653"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2022-46874"
    },
    {
      "cve": "CVE-2022-46875",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-46875"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The executable file warning was not presented when downloading .atloc and .ftploc files, which can run commands on a user\u0027s computer. \u003cbr\u003e*Note: This issue only affected Mac OS operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 108, Firefox ESR \u003c 102.6, and Thunderbird \u003c 102.6.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-46875",
          "url": "https://www.suse.com/security/cve/CVE-2022-46875"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1206242 for CVE-2022-46875",
          "url": "https://bugzilla.suse.com/1206242"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2022-46875"
    },
    {
      "cve": "CVE-2022-46877",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-46877"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox \u003c 108.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-46877",
          "url": "https://www.suse.com/security/cve/CVE-2022-46877"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1206242 for CVE-2022-46877",
          "url": "https://bugzilla.suse.com/1206242"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2022-46877"
    },
    {
      "cve": "CVE-2022-46878",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-46878"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers Randell Jesup, Valentin Gosu, Olli Pettay, and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 102.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 108, Firefox ESR \u003c 102.6, and Thunderbird \u003c 102.6.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-46878",
          "url": "https://www.suse.com/security/cve/CVE-2022-46878"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1206242 for CVE-2022-46878",
          "url": "https://bugzilla.suse.com/1206242"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2022-46878"
    },
    {
      "cve": "CVE-2022-46879",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-46879"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers and community members Lukas Bernhard, Gabriele Svelto, Randell Jesup, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 107. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 108.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-46879",
          "url": "https://www.suse.com/security/cve/CVE-2022-46879"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1206242 for CVE-2022-46879",
          "url": "https://bugzilla.suse.com/1206242"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2022-46879"
    },
    {
      "cve": "CVE-2023-0767",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-0767"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. This vulnerability affects Firefox \u003c 110, Thunderbird \u003c 102.8, and Firefox ESR \u003c 102.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-0767",
          "url": "https://www.suse.com/security/cve/CVE-2023-0767"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1208138 for CVE-2023-0767",
          "url": "https://bugzilla.suse.com/1208138"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1213200 for CVE-2023-0767",
          "url": "https://bugzilla.suse.com/1213200"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1213818 for CVE-2023-0767",
          "url": "https://bugzilla.suse.com/1213818"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1214271 for CVE-2023-0767",
          "url": "https://bugzilla.suse.com/1214271"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1218481 for CVE-2023-0767",
          "url": "https://bugzilla.suse.com/1218481"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1218964 for CVE-2023-0767",
          "url": "https://bugzilla.suse.com/1218964"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1225630 for CVE-2023-0767",
          "url": "https://bugzilla.suse.com/1225630"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-0767"
    },
    {
      "cve": "CVE-2023-23597",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-23597"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A compromised web child process could disable web security opening restrictions, leading to a new child process being spawned within the \u003ccode\u003efile://\u003c/code\u003e context. Given a reliable exploit primitive, this new process could be exploited again leading to arbitrary file read. This vulnerability affects Firefox \u003c 109.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-23597",
          "url": "https://www.suse.com/security/cve/CVE-2023-23597"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-23597"
    },
    {
      "cve": "CVE-2023-23598",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-23598"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Due to the Firefox GTK wrapper code\u0027s use of text/plain for drag data and GTK treating all text/plain MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to \u003ccode\u003eDataTransfer.setData\u003c/code\u003e. This vulnerability affects Firefox \u003c 109, Thunderbird \u003c 102.7, and Firefox ESR \u003c 102.7.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-23598",
          "url": "https://www.suse.com/security/cve/CVE-2023-23598"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-23598"
    },
    {
      "cve": "CVE-2023-23599",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-23599"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When copying a network request from the developer tools panel as a curl command the output was not being properly sanitized and could allow arbitrary commands to be hidden within. This vulnerability affects Firefox \u003c 109, Thunderbird \u003c 102.7, and Firefox ESR \u003c 102.7.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-23599",
          "url": "https://www.suse.com/security/cve/CVE-2023-23599"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-23599"
    },
    {
      "cve": "CVE-2023-23600",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-23600"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Per origin notification permissions were being stored in a way that didn\u0027t take into account what browsing context the permission was granted in. This lead to the possibility of notifications to be displayed during different browsing sessions.\u003cbr\u003e*This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 109.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-23600",
          "url": "https://www.suse.com/security/cve/CVE-2023-23600"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-23600"
    },
    {
      "cve": "CVE-2023-23601",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-23601"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which could lead to website spoofing attacks. This vulnerability affects Firefox \u003c 109, Thunderbird \u003c 102.7, and Firefox ESR \u003c 102.7.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-23601",
          "url": "https://www.suse.com/security/cve/CVE-2023-23601"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-23601"
    },
    {
      "cve": "CVE-2023-23602",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-23602"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A mishandled security check when creating a WebSocket in a WebWorker caused the Content Security Policy connect-src header to be ignored. This could lead to connections to restricted origins from inside WebWorkers. This vulnerability affects Firefox \u003c 109, Thunderbird \u003c 102.7, and Firefox ESR \u003c 102.7.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-23602",
          "url": "https://www.suse.com/security/cve/CVE-2023-23602"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-23602"
    },
    {
      "cve": "CVE-2023-23603",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-23603"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Regular expressions used to filter out forbidden properties and values from style directives in calls to \u003ccode\u003econsole.log\u003c/code\u003e weren\u0027t accounting for external URLs. Data could then be potentially exfiltrated from the browser. This vulnerability affects Firefox \u003c 109, Thunderbird \u003c 102.7, and Firefox ESR \u003c 102.7.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-23603",
          "url": "https://www.suse.com/security/cve/CVE-2023-23603"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-23603"
    },
    {
      "cve": "CVE-2023-23604",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-23604"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A duplicate \u003ccode\u003eSystemPrincipal\u003c/code\u003e object could be created when parsing a non-system html document via \u003ccode\u003eDOMParser::ParseFromSafeString\u003c/code\u003e. This could have lead to bypassing web security checks. This vulnerability affects Firefox \u003c 109.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-23604",
          "url": "https://www.suse.com/security/cve/CVE-2023-23604"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-23604"
    },
    {
      "cve": "CVE-2023-23605",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-23605"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 108 and Firefox ESR 102.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 109, Thunderbird \u003c 102.7, and Firefox ESR \u003c 102.7.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-23605",
          "url": "https://www.suse.com/security/cve/CVE-2023-23605"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-23605"
    },
    {
      "cve": "CVE-2023-23606",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-23606"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 108. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 109.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-23606",
          "url": "https://www.suse.com/security/cve/CVE-2023-23606"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-23606"
    },
    {
      "cve": "CVE-2023-25728",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-25728"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The \u003ccode\u003eContent-Security-Policy-Report-Only\u003c/code\u003e header could allow an attacker to leak a child iframe\u0027s unredacted URI when interaction with that iframe triggers a redirect. This vulnerability affects Firefox \u003c 110, Thunderbird \u003c 102.8, and Firefox ESR \u003c 102.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-25728",
          "url": "https://www.suse.com/security/cve/CVE-2023-25728"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1208144 for CVE-2023-25728",
          "url": "https://bugzilla.suse.com/1208144"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2023-25728"
    },
    {
      "cve": "CVE-2023-25729",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-25729"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Permission prompts for opening external schemes were only shown for \u003ccode\u003eContentPrincipals\u003c/code\u003e resulting in extensions being able to open them without user interaction via \u003ccode\u003eExpandedPrincipals\u003c/code\u003e. This could lead to further malicious actions such as downloading files or interacting with software already installed on the system. This vulnerability affects Firefox \u003c 110, Thunderbird \u003c 102.8, and Firefox ESR \u003c 102.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-25729",
          "url": "https://www.suse.com/security/cve/CVE-2023-25729"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1208144 for CVE-2023-25729",
          "url": "https://bugzilla.suse.com/1208144"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2023-25729"
    },
    {
      "cve": "CVE-2023-25730",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-25730"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A background script invoking \u003ccode\u003erequestFullscreen\u003c/code\u003e and then blocking the main thread could force the browser into fullscreen mode indefinitely, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox \u003c 110, Thunderbird \u003c 102.8, and Firefox ESR \u003c 102.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-25730",
          "url": "https://www.suse.com/security/cve/CVE-2023-25730"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1208144 for CVE-2023-25730",
          "url": "https://bugzilla.suse.com/1208144"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2023-25730"
    },
    {
      "cve": "CVE-2023-25731",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-25731"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Due to URL previews in the network panel of developer tools improperly storing URLs, query parameters could potentially be used to overwrite global objects in privileged code. This vulnerability affects Firefox \u003c 110.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-25731",
          "url": "https://www.suse.com/security/cve/CVE-2023-25731"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1208144 for CVE-2023-25731",
          "url": "https://bugzilla.suse.com/1208144"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2023-25731"
    },
    {
      "cve": "CVE-2023-25732",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-25732"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When encoding data from an \u003ccode\u003einputStream\u003c/code\u003e in \u003ccode\u003expcom\u003c/code\u003e the size of the input being encoded was not correctly calculated potentially leading to an out of bounds memory write. This vulnerability affects Firefox \u003c 110, Thunderbird \u003c 102.8, and Firefox ESR \u003c 102.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-25732",
          "url": "https://www.suse.com/security/cve/CVE-2023-25732"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1208144 for CVE-2023-25732",
          "url": "https://bugzilla.suse.com/1208144"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2023-25732"
    },
    {
      "cve": "CVE-2023-25733",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-25733"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The return value from `gfx::SourceSurfaceSkia::Map()` wasn\u0027t being verified which could have potentially lead to a null pointer dereference. This vulnerability affects Firefox \u003c 110.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-25733",
          "url": "https://www.suse.com/security/cve/CVE-2023-25733"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1208144 for CVE-2023-25733",
          "url": "https://bugzilla.suse.com/1208144"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2023-25733"
    },
    {
      "cve": "CVE-2023-25734",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-25734"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "After downloading a Windows \u003ccode\u003e.url\u003c/code\u003e shortcut from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system. This also had the potential to leak NTLM credentials to the resource.\u003cbr\u003e*This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 110, Thunderbird \u003c 102.8, and Firefox ESR \u003c 102.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-25734",
          "url": "https://www.suse.com/security/cve/CVE-2023-25734"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1208144 for CVE-2023-25734",
          "url": "https://bugzilla.suse.com/1208144"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2023-25734"
    },
    {
      "cve": "CVE-2023-25735",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-25735"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment resulting in a use-after-free after unwrapping the proxy. This vulnerability affects Firefox \u003c 110, Thunderbird \u003c 102.8, and Firefox ESR \u003c 102.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-25735",
          "url": "https://www.suse.com/security/cve/CVE-2023-25735"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1208144 for CVE-2023-25735",
          "url": "https://bugzilla.suse.com/1208144"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2023-25735"
    },
    {
      "cve": "CVE-2023-25736",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-25736"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An invalid downcast from `nsHTMLDocument` to `nsIContent` could have lead to undefined behavior. This vulnerability affects Firefox \u003c 110.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-25736",
          "url": "https://www.suse.com/security/cve/CVE-2023-25736"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1208144 for CVE-2023-25736",
          "url": "https://bugzilla.suse.com/1208144"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2023-25736"
    },
    {
      "cve": "CVE-2023-25737",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-25737"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An invalid downcast from \u003ccode\u003ensTextNode\u003c/code\u003e to \u003ccode\u003eSVGElement\u003c/code\u003e could have lead to undefined behavior. This vulnerability affects Firefox \u003c 110, Thunderbird \u003c 102.8, and Firefox ESR \u003c 102.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-25737",
          "url": "https://www.suse.com/security/cve/CVE-2023-25737"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1208144 for CVE-2023-25737",
          "url": "https://bugzilla.suse.com/1208144"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2023-25737"
    },
    {
      "cve": "CVE-2023-25738",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-25738"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Members of the \u003ccode\u003eDEVMODEW\u003c/code\u003e struct set by the printer device driver weren\u0027t being validated and could have resulted in invalid values which in turn would cause the browser to attempt out of bounds access to related variables.\u003cbr\u003e*This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 110, Thunderbird \u003c 102.8, and Firefox ESR \u003c 102.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-25738",
          "url": "https://www.suse.com/security/cve/CVE-2023-25738"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1208144 for CVE-2023-25738",
          "url": "https://bugzilla.suse.com/1208144"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2023-25738"
    },
    {
      "cve": "CVE-2023-25739",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-25739"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Module load requests that failed were not being checked as to whether or not they were cancelled causing a use-after-free in \u003ccode\u003eScriptLoadContext\u003c/code\u003e. This vulnerability affects Firefox \u003c 110, Thunderbird \u003c 102.8, and Firefox ESR \u003c 102.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-25739",
          "url": "https://www.suse.com/security/cve/CVE-2023-25739"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1208144 for CVE-2023-25739",
          "url": "https://bugzilla.suse.com/1208144"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2023-25739"
    },
    {
      "cve": "CVE-2023-25740",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-25740"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "After downloading a Windows \u003ccode\u003e.scf\u003c/code\u003e script from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system. This also had the potential to leak NTLM credentials to the resource.\u003cbr\u003e*This bug only affects Firefox for Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 110.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-25740",
          "url": "https://www.suse.com/security/cve/CVE-2023-25740"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1208144 for CVE-2023-25740",
          "url": "https://bugzilla.suse.com/1208144"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2023-25740"
    },
    {
      "cve": "CVE-2023-25741",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-25741"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When dragging and dropping an image cross-origin, the image\u0027s size could potentially be leaked. This behavior was shipped in 109 and caused web compatibility problems as well as this security concern, so the behavior was disabled until further review. This vulnerability affects Firefox \u003c 110.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-25741",
          "url": "https://www.suse.com/security/cve/CVE-2023-25741"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1208144 for CVE-2023-25741",
          "url": "https://bugzilla.suse.com/1208144"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2023-25741"
    },
    {
      "cve": "CVE-2023-25742",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-25742"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When importing a SPKI RSA public key as ECDSA P-256, the key would be handled incorrectly causing the tab to crash. This vulnerability affects Firefox \u003c 110, Thunderbird \u003c 102.8, and Firefox ESR \u003c 102.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-25742",
          "url": "https://www.suse.com/security/cve/CVE-2023-25742"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1208144 for CVE-2023-25742",
          "url": "https://bugzilla.suse.com/1208144"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2023-25742"
    },
    {
      "cve": "CVE-2023-25743",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-25743"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A lack of in app notification for entering fullscreen mode could have lead to a malicious website spoofing browser chrome.\u003cbr\u003e*This bug only affects Firefox Focus. Other versions of Firefox are unaffected.*. This vulnerability affects Firefox \u003c 110 and Firefox ESR \u003c 102.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-25743",
          "url": "https://www.suse.com/security/cve/CVE-2023-25743"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1208144 for CVE-2023-25743",
          "url": "https://bugzilla.suse.com/1208144"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2023-25743"
    },
    {
      "cve": "CVE-2023-25744",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-25744"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers Kershaw Chang and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 109 and Firefox ESR 102.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 110 and Firefox ESR \u003c 102.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-25744",
          "url": "https://www.suse.com/security/cve/CVE-2023-25744"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1208144 for CVE-2023-25744",
          "url": "https://bugzilla.suse.com/1208144"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2023-25744"
    },
    {
      "cve": "CVE-2023-25745",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-25745"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers Timothy Nikkel, Gabriele Svelto, Jeff Muizelaar and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 109. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 110.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-25745",
          "url": "https://www.suse.com/security/cve/CVE-2023-25745"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1208144 for CVE-2023-25745",
          "url": "https://bugzilla.suse.com/1208144"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2023-25745"
    },
    {
      "cve": "CVE-2023-25748",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-25748"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "By displaying a prompt with a long description, the fullscreen notification could have been hidden, resulting in potential user confusion or spoofing attacks. \u003cbr\u003e*This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 111.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-25748",
          "url": "https://www.suse.com/security/cve/CVE-2023-25748"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-25748"
    },
    {
      "cve": "CVE-2023-25749",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-25749"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Android applications with unpatched vulnerabilities can be launched from a browser using Intents, exposing users to these vulnerabilities. Firefox will now confirm with users that they want to launch an external application before doing so. \u003cbr\u003e*This bug only affects Firefox for Android. Other versions of Firefox are unaffected.*. This vulnerability affects Firefox \u003c 111.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-25749",
          "url": "https://www.suse.com/security/cve/CVE-2023-25749"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-25749"
    },
    {
      "cve": "CVE-2023-25750",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-25750"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Under certain circumstances, a ServiceWorker\u0027s offline cache may have leaked to the file system when using private browsing mode. This vulnerability affects Firefox \u003c 111.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-25750",
          "url": "https://www.suse.com/security/cve/CVE-2023-25750"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-25750"
    },
    {
      "cve": "CVE-2023-25751",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-25751"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Sometimes, when invalidating JIT code while following an iterator, the newly generated code could be overwritten incorrectly. This could lead to a potentially exploitable crash. This vulnerability affects Firefox \u003c 111, Firefox ESR \u003c 102.9, and Thunderbird \u003c 102.9.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-25751",
          "url": "https://www.suse.com/security/cve/CVE-2023-25751"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-25751"
    },
    {
      "cve": "CVE-2023-25752",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-25752"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When accessing throttled streams, the count of available bytes needed to be checked in the calling function to be within bounds. This may have lead future code to be incorrect and vulnerable. This vulnerability affects Firefox \u003c 111, Firefox ESR \u003c 102.9, and Thunderbird \u003c 102.9.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-25752",
          "url": "https://www.suse.com/security/cve/CVE-2023-25752"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-25752"
    },
    {
      "cve": "CVE-2023-28159",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-28159"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The fullscreen notification could have been hidden on Firefox for Android by using download popups, resulting in potential user confusion or spoofing attacks. \u003cbr\u003e*This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 111.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-28159",
          "url": "https://www.suse.com/security/cve/CVE-2023-28159"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-28159"
    },
    {
      "cve": "CVE-2023-28160",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-28160"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When following a redirect to a publicly accessible web extension file, the URL may have been translated to the actual local path, leaking potentially sensitive information. This vulnerability affects Firefox \u003c 111.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-28160",
          "url": "https://www.suse.com/security/cve/CVE-2023-28160"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-28160"
    },
    {
      "cve": "CVE-2023-28161",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-28161"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If temporary \"one-time\" permissions, such as the ability to use the Camera, were granted to a document loaded using a file: URL, that permission persisted in that tab for all other documents loaded from a file: URL. This is potentially dangerous if the local files came from different sources, such as in a download directory. This vulnerability affects Firefox \u003c 111.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-28161",
          "url": "https://www.suse.com/security/cve/CVE-2023-28161"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-28161"
    },
    {
      "cve": "CVE-2023-28162",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-28162"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "While implementing AudioWorklets, some code may have casted one type to another, invalid, dynamic type. This could have led to a potentially exploitable crash. This vulnerability affects Firefox \u003c 111, Firefox ESR \u003c 102.9, and Thunderbird \u003c 102.9.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-28162",
          "url": "https://www.suse.com/security/cve/CVE-2023-28162"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-28162"
    },
    {
      "cve": "CVE-2023-28163",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-28163"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When downloading files through the Save As dialog on Windows with suggested filenames containing environment variable names, Windows would have resolved those in the context of the current user. \u003cbr\u003e*This bug only affects Firefox on Windows. Other versions of Firefox are unaffected.*. This vulnerability affects Firefox \u003c 111, Firefox ESR \u003c 102.9, and Thunderbird \u003c 102.9.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-28163",
          "url": "https://www.suse.com/security/cve/CVE-2023-28163"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-28163"
    },
    {
      "cve": "CVE-2023-28164",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-28164"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Dragging a URL from a cross-origin iframe that was removed during the drag could have led to user confusion and website spoofing attacks. This vulnerability affects Firefox \u003c 111, Firefox ESR \u003c 102.9, and Thunderbird \u003c 102.9.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-28164",
          "url": "https://www.suse.com/security/cve/CVE-2023-28164"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-28164"
    },
    {
      "cve": "CVE-2023-28176",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-28176"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers Timothy Nikkel, Andrew McCreight, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 110 and Firefox ESR 102.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 111, Firefox ESR \u003c 102.9, and Thunderbird \u003c 102.9.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-28176",
          "url": "https://www.suse.com/security/cve/CVE-2023-28176"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-28176"
    },
    {
      "cve": "CVE-2023-28177",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-28177"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers and community members Calixte Denizet, Gabriele Svelto, Andrew McCreight, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 110. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 111.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-28177",
          "url": "https://www.suse.com/security/cve/CVE-2023-28177"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-28177"
    },
    {
      "cve": "CVE-2023-29531",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-29531"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An attacker could have caused an out of bounds memory access using WebGL APIs, leading to memory corruption and a potentially exploitable crash.\n\n*This bug only affects Firefox and  Thunderbird for macOS. Other operating systems are unaffected.* This vulnerability affects Firefox \u003c 112, Firefox ESR \u003c 102.10, and Thunderbird \u003c 102.10.\n\n",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-29531",
          "url": "https://www.suse.com/security/cve/CVE-2023-29531"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1210212 for CVE-2023-29531",
          "url": "https://bugzilla.suse.com/1210212"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-29531"
    },
    {
      "cve": "CVE-2023-29532",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-29532"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A local attacker can trick the Mozilla Maintenance Service into applying an unsigned update file by pointing the service at an update file on a malicious SMB server. The update file can be replaced after the signature check, before the use, because the write-lock requested by the service does not work on a SMB server.\n\n*Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.* This vulnerability affects Firefox \u003c 112, Firefox ESR \u003c 102.10, and Thunderbird \u003c 102.10.\n\n",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-29532",
          "url": "https://www.suse.com/security/cve/CVE-2023-29532"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1210212 for CVE-2023-29532",
          "url": "https://bugzilla.suse.com/1210212"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-29532"
    },
    {
      "cve": "CVE-2023-29533",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-29533"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A website could have obscured the fullscreen notification by using a combination of \u003ccode\u003ewindow.open\u003c/code\u003e, fullscreen requests, \u003ccode\u003ewindow.name\u003c/code\u003e assignments, and \u003ccode\u003esetInterval\u003c/code\u003e calls. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox \u003c 112, Focus for Android \u003c 112, Firefox ESR \u003c 102.10, Firefox for Android \u003c 112, and Thunderbird \u003c 102.10.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-29533",
          "url": "https://www.suse.com/security/cve/CVE-2023-29533"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1210212 for CVE-2023-29533",
          "url": "https://bugzilla.suse.com/1210212"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-29533"
    },
    {
      "cve": "CVE-2023-29534",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-29534"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Different techniques existed to obscure the fullscreen notification in Firefox and Focus for Android.  These could have led to potential user confusion and spoofing attacks.\n\n*This bug only affects Firefox and Focus for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox for Android \u003c 112 and Focus for Android \u003c 112.\n\n",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-29534",
          "url": "https://www.suse.com/security/cve/CVE-2023-29534"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1212529 for CVE-2023-29534",
          "url": "https://bugzilla.suse.com/1212529"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2023-29534"
    },
    {
      "cve": "CVE-2023-29535",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-29535"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Following a Garbage Collector compaction, weak maps may have been accessed before they were correctly traced. This resulted in memory corruption and a potentially exploitable crash. This vulnerability affects Firefox \u003c 112, Focus for Android \u003c 112, Firefox ESR \u003c 102.10, Firefox for Android \u003c 112, and Thunderbird \u003c 102.10.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-29535",
          "url": "https://www.suse.com/security/cve/CVE-2023-29535"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1210212 for CVE-2023-29535",
          "url": "https://bugzilla.suse.com/1210212"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-29535"
    },
    {
      "cve": "CVE-2023-29536",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-29536"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An attacker could cause the memory manager to incorrectly free a pointer that addresses attacker-controlled memory, resulting in an assertion, memory corruption, or a potentially exploitable crash. This vulnerability affects Firefox \u003c 112, Focus for Android \u003c 112, Firefox ESR \u003c 102.10, Firefox for Android \u003c 112, and Thunderbird \u003c 102.10.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-29536",
          "url": "https://www.suse.com/security/cve/CVE-2023-29536"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1210212 for CVE-2023-29536",
          "url": "https://bugzilla.suse.com/1210212"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-29536"
    },
    {
      "cve": "CVE-2023-29537",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-29537"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple race conditions in the font initialization could have led to memory corruption and execution of attacker-controlled code. This vulnerability affects Firefox for Android \u003c 112, Firefox \u003c 112, and Focus for Android \u003c 112.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-29537",
          "url": "https://www.suse.com/security/cve/CVE-2023-29537"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1210212 for CVE-2023-29537",
          "url": "https://bugzilla.suse.com/1210212"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-29537"
    },
    {
      "cve": "CVE-2023-29538",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-29538"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Under specific circumstances a WebExtension may have received a \u003ccode\u003ejar:file:///\u003c/code\u003e URI instead of a \u003ccode\u003emoz-extension:///\u003c/code\u003e URI during a load request. This leaked directory paths on the user\u0027s machine. This vulnerability affects Firefox for Android \u003c 112, Firefox \u003c 112, and Focus for Android \u003c 112.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-29538",
          "url": "https://www.suse.com/security/cve/CVE-2023-29538"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1210212 for CVE-2023-29538",
          "url": "https://bugzilla.suse.com/1210212"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-29538"
    },
    {
      "cve": "CVE-2023-29539",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-29539"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When handling the filename directive in the Content-Disposition header, the filename would be truncated if the filename contained a NULL character. This could have led to reflected file download attacks potentially tricking users to install malware. This vulnerability affects Firefox \u003c 112, Focus for Android \u003c 112, Firefox ESR \u003c 102.10, Firefox for Android \u003c 112, and Thunderbird \u003c 102.10.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-29539",
          "url": "https://www.suse.com/security/cve/CVE-2023-29539"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1210212 for CVE-2023-29539",
          "url": "https://bugzilla.suse.com/1210212"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-29539"
    },
    {
      "cve": "CVE-2023-29540",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-29540"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Using a redirect embedded into \u003ccode\u003esourceMappingUrls\u003c/code\u003e could allow for navigation to external protocol links in sandboxed iframes without \u003ccode\u003eallow-top-navigation-to-custom-protocols\u003c/code\u003e. This vulnerability affects Firefox for Android \u003c 112, Firefox \u003c 112, and Focus for Android \u003c 112.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-29540",
          "url": "https://www.suse.com/security/cve/CVE-2023-29540"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1210212 for CVE-2023-29540",
          "url": "https://bugzilla.suse.com/1210212"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-29540"
    },
    {
      "cve": "CVE-2023-29541",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-29541"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Firefox did not properly handle downloads of files ending in \u003ccode\u003e.desktop\u003c/code\u003e, which can be interpreted to run attacker-controlled commands. \u003cbr\u003e*This bug only affects Firefox for Linux on certain Distributions. Other operating systems are unaffected, and Mozilla is unable to enumerate all affected Linux Distributions.*. This vulnerability affects Firefox \u003c 112, Focus for Android \u003c 112, Firefox ESR \u003c 102.10, Firefox for Android \u003c 112, and Thunderbird \u003c 102.10.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-29541",
          "url": "https://www.suse.com/security/cve/CVE-2023-29541"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1210212 for CVE-2023-29541",
          "url": "https://bugzilla.suse.com/1210212"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-29541"
    },
    {
      "cve": "CVE-2023-29542",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-29542"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A newline in a filename could have been used to bypass the file extension security mechanisms that replace malicious file extensions such as .lnk  with .download. This could have led to accidental execution of malicious code.\n\n*This bug only affects Firefox and Thunderbird on Windows. Other versions of Firefox  and Thunderbird are unaffected.* This vulnerability affects Firefox \u003c 112, Firefox ESR \u003c 102.10, and Thunderbird \u003c 102.10.\n\n",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-29542",
          "url": "https://www.suse.com/security/cve/CVE-2023-29542"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1210212 for CVE-2023-29542",
          "url": "https://bugzilla.suse.com/1210212"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-29542"
    },
    {
      "cve": "CVE-2023-29543",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-29543"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An attacker could have caused memory corruption and a potentially exploitable use-after-free of a pointer in a global object\u0027s debugger vector. This vulnerability affects Firefox for Android \u003c 112, Firefox \u003c 112, and Focus for Android \u003c 112.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-29543",
          "url": "https://www.suse.com/security/cve/CVE-2023-29543"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1210212 for CVE-2023-29543",
          "url": "https://bugzilla.suse.com/1210212"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-29543"
    },
    {
      "cve": "CVE-2023-29544",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-29544"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If multiple instances of resource exhaustion occurred at the incorrect time, the garbage collector could have caused memory corruption and a potentially exploitable crash. This vulnerability affects Firefox for Android \u003c 112, Firefox \u003c 112, and Focus for Android \u003c 112.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-29544",
          "url": "https://www.suse.com/security/cve/CVE-2023-29544"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1210212 for CVE-2023-29544",
          "url": "https://bugzilla.suse.com/1210212"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-29544"
    },
    {
      "cve": "CVE-2023-29545",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-29545"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Similar to CVE-2023-28163, this time when choosing \u0027Save Link As\u0027, suggested filenames containing environment variable names would have resolved those in the context of the current user. \n\n*This bug only affects Firefox and  Thunderbird on Windows. Other versions of Firefox and  Thunderbird are unaffected.* This vulnerability affects Firefox \u003c 112, Firefox ESR \u003c 102.10, and Thunderbird \u003c 102.10.\n\n",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-29545",
          "url": "https://www.suse.com/security/cve/CVE-2023-29545"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1210212 for CVE-2023-29545",
          "url": "https://bugzilla.suse.com/1210212"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-29545"
    },
    {
      "cve": "CVE-2023-29546",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-29546"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When recording the screen while in Private Browsing on Firefox for Android the address bar and keyboard were not hidden, potentially leaking sensitive information. \n\n*This bug only affects Firefox for Android. Other operating systems are unaffected.* This vulnerability affects Firefox for Android \u003c 112 and Focus for Android \u003c 112.\n\n",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-29546",
          "url": "https://www.suse.com/security/cve/CVE-2023-29546"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "not set"
        }
      ],
      "title": "CVE-2023-29546"
    },
    {
      "cve": "CVE-2023-29547",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-29547"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When a secure cookie existed in the Firefox cookie jar an insecure cookie for the same domain could have been created, when it should have silently failed. This could have led to a desynchronization in expected results when reading from the secure cookie. This vulnerability affects Firefox for Android \u003c 112, Firefox \u003c 112, and Focus for Android \u003c 112.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-29547",
          "url": "https://www.suse.com/security/cve/CVE-2023-29547"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1210212 for CVE-2023-29547",
          "url": "https://bugzilla.suse.com/1210212"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-29547"
    },
    {
      "cve": "CVE-2023-29548",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-29548"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A wrong lowering instruction in the ARM64 Ion compiler resulted in a wrong optimization result. This vulnerability affects Firefox \u003c 112, Focus for Android \u003c 112, Firefox ESR \u003c 102.10, Firefox for Android \u003c 112, and Thunderbird \u003c 102.10.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-29548",
          "url": "https://www.suse.com/security/cve/CVE-2023-29548"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1210212 for CVE-2023-29548",
          "url": "https://bugzilla.suse.com/1210212"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-29548"
    },
    {
      "cve": "CVE-2023-29549",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-29549"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Under certain circumstances, a call to the \u003ccode\u003ebind\u003c/code\u003e function may have resulted in the incorrect realm. This may have created a vulnerability relating to JavaScript-implemented sandboxes such as SES. This vulnerability affects Firefox for Android \u003c 112, Firefox \u003c 112, and Focus for Android \u003c 112.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-29549",
          "url": "https://www.suse.com/security/cve/CVE-2023-29549"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1210212 for CVE-2023-29549",
          "url": "https://bugzilla.suse.com/1210212"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-29549"
    },
    {
      "cve": "CVE-2023-29550",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-29550"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers Randell Jesup, Andrew Osmond, Sebastian Hengst, Andrew McCreight, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 111 and Firefox ESR 102.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 112, Focus for Android \u003c 112, Firefox ESR \u003c 102.10, Firefox for Android \u003c 112, and Thunderbird \u003c 102.10.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-29550",
          "url": "https://www.suse.com/security/cve/CVE-2023-29550"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1210212 for CVE-2023-29550",
          "url": "https://bugzilla.suse.com/1210212"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-29550"
    },
    {
      "cve": "CVE-2023-29551",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-29551"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers Randell Jesup, Andrew McCreight, Gabriele Svelto, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 111. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox for Android \u003c 112, Firefox \u003c 112, and Focus for Android \u003c 112.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-29551",
          "url": "https://www.suse.com/security/cve/CVE-2023-29551"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1210212 for CVE-2023-29551",
          "url": "https://bugzilla.suse.com/1210212"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-29551"
    },
    {
      "cve": "CVE-2023-32205",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-32205"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and spoofing attacks. This vulnerability affects Firefox \u003c 113, Firefox ESR \u003c 102.11, and Thunderbird \u003c 102.11.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-32205",
          "url": "https://www.suse.com/security/cve/CVE-2023-32205"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2023-32205"
    },
    {
      "cve": "CVE-2023-32206",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-32206"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An out-of-bound read could have led to a crash in the RLBox Expat driver. This vulnerability affects Firefox \u003c 113, Firefox ESR \u003c 102.11, and Thunderbird \u003c 102.11.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-32206",
          "url": "https://www.suse.com/security/cve/CVE-2023-32206"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2023-32206"
    },
    {
      "cve": "CVE-2023-32207",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-32207"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A missing delay in popup notifications could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox \u003c 113, Firefox ESR \u003c 102.11, and Thunderbird \u003c 102.11.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-32207",
          "url": "https://www.suse.com/security/cve/CVE-2023-32207"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2023-32207"
    },
    {
      "cve": "CVE-2023-32208",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-32208"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Service workers could reveal script base URL due to dynamic `import()`. This vulnerability affects Firefox \u003c 113.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-32208",
          "url": "https://www.suse.com/security/cve/CVE-2023-32208"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-32208"
    },
    {
      "cve": "CVE-2023-32209",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-32209"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A maliciously crafted favicon could have led to an out of memory crash. This vulnerability affects Firefox \u003c 113.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-32209",
          "url": "https://www.suse.com/security/cve/CVE-2023-32209"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-32209"
    },
    {
      "cve": "CVE-2023-32210",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-32210"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Documents were incorrectly assuming an ordering of principal objects when ensuring we were loading an appropriately privileged principal. In certain circumstances it might have been possible to cause a document to be loaded with a higher privileged principal than intended. This vulnerability affects Firefox \u003c 113.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-32210",
          "url": "https://www.suse.com/security/cve/CVE-2023-32210"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-32210"
    },
    {
      "cve": "CVE-2023-32211",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-32211"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A type checking bug would have led to invalid code being compiled. This vulnerability affects Firefox \u003c 113, Firefox ESR \u003c 102.11, and Thunderbird \u003c 102.11.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-32211",
          "url": "https://www.suse.com/security/cve/CVE-2023-32211"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2023-32211"
    },
    {
      "cve": "CVE-2023-32212",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-32212"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An attacker could have positioned a `datalist` element to obscure the address bar. This vulnerability affects Firefox \u003c 113, Firefox ESR \u003c 102.11, and Thunderbird \u003c 102.11.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-32212",
          "url": "https://www.suse.com/security/cve/CVE-2023-32212"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2023-32212"
    },
    {
      "cve": "CVE-2023-32213",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-32213"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When reading a file, an uninitialized value could have been used as read limit. This vulnerability affects Firefox \u003c 113, Firefox ESR \u003c 102.11, and Thunderbird \u003c 102.11.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-32213",
          "url": "https://www.suse.com/security/cve/CVE-2023-32213"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2023-32213"
    },
    {
      "cve": "CVE-2023-32214",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-32214"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Protocol handlers `ms-cxh` and `ms-cxh-full` could have been leveraged to trigger a denial of service.\n*Note: This attack only affects Windows. Other operating systems are not affected.* This vulnerability affects Firefox \u003c 113, Firefox ESR \u003c 102.11, and Thunderbird \u003c 102.11.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-32214",
          "url": "https://www.suse.com/security/cve/CVE-2023-32214"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2023-32214"
    },
    {
      "cve": "CVE-2023-32215",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-32215"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers and community members Gabriele Svelto, Andrew Osmond, Emily McDonough, Sebastian Hengst, Andrew McCreight and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 112 and Firefox ESR 102.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 113, Firefox ESR \u003c 102.11, and Thunderbird \u003c 102.11.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-32215",
          "url": "https://www.suse.com/security/cve/CVE-2023-32215"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2023-32215"
    },
    {
      "cve": "CVE-2023-32216",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-32216"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers and community members Ronald Crane, Andrew McCreight, Randell Jesup and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 112. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 113.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-32216",
          "url": "https://www.suse.com/security/cve/CVE-2023-32216"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2023-32216"
    },
    {
      "cve": "CVE-2023-34414",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-34414"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The error page for sites with invalid TLS certificates was missing the\nactivation-delay Firefox uses to protect prompts and permission dialogs\nfrom attacks that exploit human response time delays. If a malicious\npage elicited user clicks in precise locations immediately before\nnavigating to a site with a certificate error and made the renderer\nextremely busy at the same time, it could create a gap between when\nthe error page was loaded and when the display actually refreshed.\nWith the right timing the elicited clicks could land in that gap and \nactivate the button that overrides the certificate error for that site. This vulnerability affects Firefox ESR \u003c 102.12, Firefox \u003c 114, and Thunderbird \u003c 102.12.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-34414",
          "url": "https://www.suse.com/security/cve/CVE-2023-34414"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1211922 for CVE-2023-34414",
          "url": "https://bugzilla.suse.com/1211922"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-34414"
    },
    {
      "cve": "CVE-2023-34415",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-34415"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When choosing a site-isolated process for a document loaded from a data: URL that was the result of a redirect, Firefox would load that document in the same process as the site that issued the redirect. This bypassed the site-isolation protections against Spectre-like attacks on sites that host an \"open redirect\". Firefox no longer follows HTTP redirects to data: URLs. This vulnerability affects Firefox \u003c 114.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-34415",
          "url": "https://www.suse.com/security/cve/CVE-2023-34415"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1211922 for CVE-2023-34415",
          "url": "https://bugzilla.suse.com/1211922"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-34415"
    },
    {
      "cve": "CVE-2023-34416",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-34416"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs present in Firefox 113, Firefox ESR 102.11, and Thunderbird 102.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR \u003c 102.12, Firefox \u003c 114, and Thunderbird \u003c 102.12.\n\n",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-34416",
          "url": "https://www.suse.com/security/cve/CVE-2023-34416"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1211922 for CVE-2023-34416",
          "url": "https://bugzilla.suse.com/1211922"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-34416"
    },
    {
      "cve": "CVE-2023-34417",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-34417"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs present in Firefox 113. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 114.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-34417",
          "url": "https://www.suse.com/security/cve/CVE-2023-34417"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1211922 for CVE-2023-34417",
          "url": "https://bugzilla.suse.com/1211922"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-34417"
    },
    {
      "cve": "CVE-2023-3482",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-3482"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When Firefox is configured to block storage of all cookies, it was still possible to store data in localstorage by using an iframe with a source of \u0027about:blank\u0027. This could have led to malicious websites storing tracking data without permission. This vulnerability affects Firefox \u003c 115.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-3482",
          "url": "https://www.suse.com/security/cve/CVE-2023-3482"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1212438 for CVE-2023-3482",
          "url": "https://bugzilla.suse.com/1212438"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-3482"
    },
    {
      "cve": "CVE-2023-3600",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-3600"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "During the worker lifecycle, a use-after-free condition could have occured, which could have led to a potentially exploitable crash. This vulnerability affects Firefox \u003c 115.0.2, Firefox ESR \u003c 115.0.2, and Thunderbird \u003c 115.0.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-3600",
          "url": "https://www.suse.com/security/cve/CVE-2023-3600"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1213230 for CVE-2023-3600",
          "url": "https://bugzilla.suse.com/1213230"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-3600"
    },
    {
      "cve": "CVE-2023-37201",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-37201"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. This vulnerability affects Firefox \u003c 115, Firefox ESR \u003c 102.13, and Thunderbird \u003c 102.13.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-37201",
          "url": "https://www.suse.com/security/cve/CVE-2023-37201"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1212438 for CVE-2023-37201",
          "url": "https://bugzilla.suse.com/1212438"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-37201"
    },
    {
      "cve": "CVE-2023-37202",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-37202"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment resulting in a use-after-free. This vulnerability affects Firefox \u003c 115, Firefox ESR \u003c 102.13, and Thunderbird \u003c 102.13.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-37202",
          "url": "https://www.suse.com/security/cve/CVE-2023-37202"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1212438 for CVE-2023-37202",
          "url": "https://bugzilla.suse.com/1212438"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-37202"
    },
    {
      "cve": "CVE-2023-37203",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-37203"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Insufficient validation in the Drag and Drop API in conjunction with social engineering, may have allowed an attacker to trick end-users into creating a shortcut to local system files.  This could have been leveraged to execute arbitrary code. This vulnerability affects Firefox \u003c 115.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-37203",
          "url": "https://www.suse.com/security/cve/CVE-2023-37203"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1212438 for CVE-2023-37203",
          "url": "https://bugzilla.suse.com/1212438"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-37203"
    },
    {
      "cve": "CVE-2023-37204",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-37204"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A website could have obscured the fullscreen notification by using an option element by introducing lag via an expensive computational function. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox \u003c 115.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-37204",
          "url": "https://www.suse.com/security/cve/CVE-2023-37204"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1212438 for CVE-2023-37204",
          "url": "https://bugzilla.suse.com/1212438"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-37204"
    },
    {
      "cve": "CVE-2023-37205",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-37205"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The use of RTL Arabic characters in the address bar may have allowed for URL spoofing. This vulnerability affects Firefox \u003c 115.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-37205",
          "url": "https://www.suse.com/security/cve/CVE-2023-37205"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1212438 for CVE-2023-37205",
          "url": "https://bugzilla.suse.com/1212438"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-37205"
    },
    {
      "cve": "CVE-2023-37206",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-37206"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Uploading files which contain symlinks may have allowed an attacker to trick a user into submitting sensitive data to a malicious website. This vulnerability affects Firefox \u003c 115.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-37206",
          "url": "https://www.suse.com/security/cve/CVE-2023-37206"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1212438 for CVE-2023-37206",
          "url": "https://bugzilla.suse.com/1212438"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-37206"
    },
    {
      "cve": "CVE-2023-37207",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-37207"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A website could have obscured the fullscreen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox \u003c 115, Firefox ESR \u003c 102.13, and Thunderbird \u003c 102.13.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-37207",
          "url": "https://www.suse.com/security/cve/CVE-2023-37207"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1212438 for CVE-2023-37207",
          "url": "https://bugzilla.suse.com/1212438"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-37207"
    },
    {
      "cve": "CVE-2023-37208",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-37208"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When opening Diagcab files, Firefox did not warn the user that these files may contain malicious code. This vulnerability affects Firefox \u003c 115, Firefox ESR \u003c 102.13, and Thunderbird \u003c 102.13.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-37208",
          "url": "https://www.suse.com/security/cve/CVE-2023-37208"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1212438 for CVE-2023-37208",
          "url": "https://bugzilla.suse.com/1212438"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-37208"
    },
    {
      "cve": "CVE-2023-37209",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-37209"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free condition existed in `NotifyOnHistoryReload` where a `LoadingSessionHistoryEntry` object was freed and a reference to that object remained.  This resulted in a potentially exploitable condition when the reference to that object was later reused. This vulnerability affects Firefox \u003c 115.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-37209",
          "url": "https://www.suse.com/security/cve/CVE-2023-37209"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1212438 for CVE-2023-37209",
          "url": "https://bugzilla.suse.com/1212438"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-37209"
    },
    {
      "cve": "CVE-2023-37210",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-37210"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A website could prevent a user from exiting full-screen mode via alert and prompt calls.  This could lead to user confusion and possible spoofing attacks. This vulnerability affects Firefox \u003c 115.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-37210",
          "url": "https://www.suse.com/security/cve/CVE-2023-37210"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1212438 for CVE-2023-37210",
          "url": "https://bugzilla.suse.com/1212438"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-37210"
    },
    {
      "cve": "CVE-2023-37211",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-37211"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs present in Firefox 114, Firefox ESR 102.12, and Thunderbird 102.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 115, Firefox ESR \u003c 102.13, and Thunderbird \u003c 102.13.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-37211",
          "url": "https://www.suse.com/security/cve/CVE-2023-37211"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1212438 for CVE-2023-37211",
          "url": "https://bugzilla.suse.com/1212438"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-37211"
    },
    {
      "cve": "CVE-2023-37212",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-37212"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs present in Firefox 114. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 115.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-37212",
          "url": "https://www.suse.com/security/cve/CVE-2023-37212"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1212438 for CVE-2023-37212",
          "url": "https://bugzilla.suse.com/1212438"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-37212"
    },
    {
      "cve": "CVE-2023-4045",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-4045"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy. This vulnerability affects Firefox \u003c 116, Firefox ESR \u003c 102.14, and Firefox ESR \u003c 115.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-4045",
          "url": "https://www.suse.com/security/cve/CVE-2023-4045"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1213746 for CVE-2023-4045",
          "url": "https://bugzilla.suse.com/1213746"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-4045"
    },
    {
      "cve": "CVE-2023-4046",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-4046"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In some circumstances, a stale value could have been used for a global variable in WASM JIT analysis. This resulted in incorrect compilation and a potentially exploitable crash in the content process. This vulnerability affects Firefox \u003c 116, Firefox ESR \u003c 102.14, and Firefox ESR \u003c 115.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-4046",
          "url": "https://www.suse.com/security/cve/CVE-2023-4046"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1213746 for CVE-2023-4046",
          "url": "https://bugzilla.suse.com/1213746"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-4046"
    },
    {
      "cve": "CVE-2023-4047",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-4047"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox \u003c 116, Firefox ESR \u003c 102.14, and Firefox ESR \u003c 115.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-4047",
          "url": "https://www.suse.com/security/cve/CVE-2023-4047"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1213746 for CVE-2023-4047",
          "url": "https://bugzilla.suse.com/1213746"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-4047"
    },
    {
      "cve": "CVE-2023-4048",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-4048"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An out-of-bounds read could have led to an exploitable crash when parsing HTML with DOMParser in low memory situations. This vulnerability affects Firefox \u003c 116, Firefox ESR \u003c 102.14, and Firefox ESR \u003c 115.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-4048",
          "url": "https://www.suse.com/security/cve/CVE-2023-4048"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1213746 for CVE-2023-4048",
          "url": "https://bugzilla.suse.com/1213746"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-4048"
    },
    {
      "cve": "CVE-2023-4049",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-4049"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Race conditions in reference counting code were found through code inspection. These could have resulted in potentially exploitable use-after-free vulnerabilities. This vulnerability affects Firefox \u003c 116, Firefox ESR \u003c 102.14, and Firefox ESR \u003c 115.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-4049",
          "url": "https://www.suse.com/security/cve/CVE-2023-4049"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1213746 for CVE-2023-4049",
          "url": "https://bugzilla.suse.com/1213746"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-4049"
    },
    {
      "cve": "CVE-2023-4050",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-4050"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In some cases, an untrusted input stream was copied to a stack buffer without checking its size. This resulted in a potentially exploitable crash which could have led to a sandbox escape. This vulnerability affects Firefox \u003c 116, Firefox ESR \u003c 102.14, and Firefox ESR \u003c 115.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-4050",
          "url": "https://www.suse.com/security/cve/CVE-2023-4050"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1213746 for CVE-2023-4050",
          "url": "https://bugzilla.suse.com/1213746"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-4050"
    },
    {
      "cve": "CVE-2023-4051",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-4051"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A website could have obscured the full screen notification by using the file open dialog. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox \u003c 116, Firefox ESR \u003c 115.2, and Thunderbird \u003c 115.2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-4051",
          "url": "https://www.suse.com/security/cve/CVE-2023-4051"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1213746 for CVE-2023-4051",
          "url": "https://bugzilla.suse.com/1213746"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-4051"
    },
    {
      "cve": "CVE-2023-4052",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-4052"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Firefox updater created a directory writable by non-privileged users. When uninstalling Firefox, any files in that directory would be recursively deleted with the permissions of the uninstalling user account. This could be combined with creation of a junction (a form of symbolic link) to allow arbitrary file deletion controlled by the non-privileged user. \n*This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox \u003c 116, Firefox ESR \u003c 115.1, and Thunderbird \u003c 115.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-4052",
          "url": "https://www.suse.com/security/cve/CVE-2023-4052"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1213746 for CVE-2023-4052",
          "url": "https://bugzilla.suse.com/1213746"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-4052"
    },
    {
      "cve": "CVE-2023-4053",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-4053"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A website could have obscured the full screen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox \u003c 116, Firefox ESR \u003c 115.2, and Thunderbird \u003c 115.2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-4053",
          "url": "https://www.suse.com/security/cve/CVE-2023-4053"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1213746 for CVE-2023-4053",
          "url": "https://bugzilla.suse.com/1213746"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-4053"
    },
    {
      "cve": "CVE-2023-4054",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-4054"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When opening appref-ms files, Firefox did not warn the user that these files may contain malicious code. \n*This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox \u003c 116, Firefox ESR \u003c 102.14, Firefox ESR \u003c 115.1, Thunderbird \u003c 102.14, and Thunderbird \u003c 115.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-4054",
          "url": "https://www.suse.com/security/cve/CVE-2023-4054"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1213746 for CVE-2023-4054",
          "url": "https://bugzilla.suse.com/1213746"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-4054"
    },
    {
      "cve": "CVE-2023-4055",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-4055"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When the number of cookies per domain was exceeded in `document.cookie`, the actual cookie jar sent to the host was no longer consistent with expected cookie jar state. This could have caused requests to be sent with some cookies missing. This vulnerability affects Firefox \u003c 116, Firefox ESR \u003c 102.14, and Firefox ESR \u003c 115.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-4055",
          "url": "https://www.suse.com/security/cve/CVE-2023-4055"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1213746 for CVE-2023-4055",
          "url": "https://bugzilla.suse.com/1213746"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-4055"
    },
    {
      "cve": "CVE-2023-4056",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-4056"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs present in Firefox 115, Firefox ESR 115.0, Firefox ESR 102.13, Thunderbird 115.0, and Thunderbird 102.13. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 116, Firefox ESR \u003c 102.14, and Firefox ESR \u003c 115.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-4056",
          "url": "https://www.suse.com/security/cve/CVE-2023-4056"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1213746 for CVE-2023-4056",
          "url": "https://bugzilla.suse.com/1213746"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-4056"
    },
    {
      "cve": "CVE-2023-4057",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-4057"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs present in Firefox 115, Firefox ESR 115.0, and Thunderbird 115.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 116, Firefox ESR \u003c 115.1, and Thunderbird \u003c 115.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-4057",
          "url": "https://www.suse.com/security/cve/CVE-2023-4057"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1213746 for CVE-2023-4057",
          "url": "https://bugzilla.suse.com/1213746"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-4057"
    },
    {
      "cve": "CVE-2023-4058",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-4058"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs present in Firefox 115. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 116.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-4058",
          "url": "https://www.suse.com/security/cve/CVE-2023-4058"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1213746 for CVE-2023-4058",
          "url": "https://bugzilla.suse.com/1213746"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-4058"
    },
    {
      "cve": "CVE-2023-4573",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-4573"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When receiving rendering data over IPC `mStream` could have been destroyed when initialized, which could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox \u003c 117, Firefox ESR \u003c 102.15, Firefox ESR \u003c 115.2, Thunderbird \u003c 102.15, and Thunderbird \u003c 115.2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-4573",
          "url": "https://www.suse.com/security/cve/CVE-2023-4573"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1214606 for CVE-2023-4573",
          "url": "https://bugzilla.suse.com/1214606"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-4573"
    },
    {
      "cve": "CVE-2023-4574",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-4574"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When creating a callback over IPC for showing the Color Picker window, multiple of the same callbacks could have been created at a time and eventually all simultaneously destroyed as soon as one of the callbacks finished. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox \u003c 117, Firefox ESR \u003c 102.15, Firefox ESR \u003c 115.2, Thunderbird \u003c 102.15, and Thunderbird \u003c 115.2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-4574",
          "url": "https://www.suse.com/security/cve/CVE-2023-4574"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1214606 for CVE-2023-4574",
          "url": "https://bugzilla.suse.com/1214606"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-4574"
    },
    {
      "cve": "CVE-2023-4575",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-4575"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When creating a callback over IPC for showing the File Picker window, multiple of the same callbacks could have been created at a time and eventually all simultaneously destroyed as soon as one of the callbacks finished. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox \u003c 117, Firefox ESR \u003c 102.15, Firefox ESR \u003c 115.2, Thunderbird \u003c 102.15, and Thunderbird \u003c 115.2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-4575",
          "url": "https://www.suse.com/security/cve/CVE-2023-4575"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1214606 for CVE-2023-4575",
          "url": "https://bugzilla.suse.com/1214606"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-4575"
    },
    {
      "cve": "CVE-2023-4576",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-4576"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "On Windows, an integer overflow could occur in `RecordedSourceSurfaceCreation` which resulted in a heap buffer overflow potentially leaking sensitive data that could have led to a sandbox escape.\n*This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox \u003c 117, Firefox ESR \u003c 102.15, Firefox ESR \u003c 115.2, Thunderbird \u003c 102.15, and Thunderbird \u003c 115.2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-4576",
          "url": "https://www.suse.com/security/cve/CVE-2023-4576"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1214606 for CVE-2023-4576",
          "url": "https://bugzilla.suse.com/1214606"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-4576"
    },
    {
      "cve": "CVE-2023-4577",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-4577"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When `UpdateRegExpStatics` attempted to access `initialStringHeap` it could already have been garbage collected prior to entering the function, which could potentially have led to an exploitable crash. This vulnerability affects Firefox \u003c 117, Firefox ESR \u003c 115.2, and Thunderbird \u003c 115.2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-4577",
          "url": "https://www.suse.com/security/cve/CVE-2023-4577"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1214606 for CVE-2023-4577",
          "url": "https://bugzilla.suse.com/1214606"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-4577"
    },
    {
      "cve": "CVE-2023-4578",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-4578"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When calling `JS::CheckRegExpSyntax` a Syntax Error could have been set which would end in calling `convertToRuntimeErrorAndClear`. A path in the function could attempt to allocate memory when none is available which would have caused a newly created Out of Memory exception to be mishandled as a Syntax Error. This vulnerability affects Firefox \u003c 117, Firefox ESR \u003c 115.2, and Thunderbird \u003c 115.2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-4578",
          "url": "https://www.suse.com/security/cve/CVE-2023-4578"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1214606 for CVE-2023-4578",
          "url": "https://bugzilla.suse.com/1214606"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-4578"
    },
    {
      "cve": "CVE-2023-4579",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-4579"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Search queries in the default search engine could appear to have been the currently navigated URL if the search query itself was a well formed URL. This could have led to a site spoofing another if it had been maliciously set as the default search engine. This vulnerability affects Firefox \u003c 117.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-4579",
          "url": "https://www.suse.com/security/cve/CVE-2023-4579"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1214606 for CVE-2023-4579",
          "url": "https://bugzilla.suse.com/1214606"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-4579"
    },
    {
      "cve": "CVE-2023-4580",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-4580"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Push notifications stored on disk in private browsing mode were not being encrypted potentially allowing the leak of sensitive information. This vulnerability affects Firefox \u003c 117, Firefox ESR \u003c 115.2, and Thunderbird \u003c 115.2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-4580",
          "url": "https://www.suse.com/security/cve/CVE-2023-4580"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1214606 for CVE-2023-4580",
          "url": "https://bugzilla.suse.com/1214606"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-4580"
    },
    {
      "cve": "CVE-2023-4581",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-4581"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Excel `.xll` add-in files did not have a blocklist entry in Firefox\u0027s executable blocklist which allowed them to be downloaded without any warning of their potential harm. This vulnerability affects Firefox \u003c 117, Firefox ESR \u003c 102.15, Firefox ESR \u003c 115.2, Thunderbird \u003c 102.15, and Thunderbird \u003c 115.2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-4581",
          "url": "https://www.suse.com/security/cve/CVE-2023-4581"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1214606 for CVE-2023-4581",
          "url": "https://bugzilla.suse.com/1214606"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-4581"
    },
    {
      "cve": "CVE-2023-4582",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-4582"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Due to large allocation checks in Angle for glsl shaders being too lenient a buffer overflow could have occured when allocating too much private shader memory on mac OS. \n*This bug only affects Firefox on macOS. Other operating systems are unaffected.* This vulnerability affects Firefox \u003c 117, Firefox ESR \u003c 115.2, and Thunderbird \u003c 115.2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-4582",
          "url": "https://www.suse.com/security/cve/CVE-2023-4582"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1214606 for CVE-2023-4582",
          "url": "https://bugzilla.suse.com/1214606"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-4582"
    },
    {
      "cve": "CVE-2023-4583",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-4583"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When checking if the Browsing Context had been discarded in `HttpBaseChannel`, if the load group was not available then it was assumed to have already been discarded which was not always the case for private channels after the private session had ended. This vulnerability affects Firefox \u003c 117, Firefox ESR \u003c 115.2, and Thunderbird \u003c 115.2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-4583",
          "url": "https://www.suse.com/security/cve/CVE-2023-4583"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1214606 for CVE-2023-4583",
          "url": "https://bugzilla.suse.com/1214606"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-4583"
    },
    {
      "cve": "CVE-2023-4584",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-4584"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs present in Firefox 116, Firefox ESR 102.14, Firefox ESR 115.1, Thunderbird 102.14, and Thunderbird 115.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 117, Firefox ESR \u003c 102.15, Firefox ESR \u003c 115.2, Thunderbird \u003c 102.15, and Thunderbird \u003c 115.2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-4584",
          "url": "https://www.suse.com/security/cve/CVE-2023-4584"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1214606 for CVE-2023-4584",
          "url": "https://bugzilla.suse.com/1214606"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-4584"
    },
    {
      "cve": "CVE-2023-4585",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-4585"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs present in Firefox 116, Firefox ESR 115.1, and Thunderbird 115.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 117, Firefox ESR \u003c 115.2, and Thunderbird \u003c 115.2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-4585",
          "url": "https://www.suse.com/security/cve/CVE-2023-4585"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1214606 for CVE-2023-4585",
          "url": "https://bugzilla.suse.com/1214606"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-4585"
    },
    {
      "cve": "CVE-2023-4863",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-4863"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-4863",
          "url": "https://www.suse.com/security/cve/CVE-2023-4863"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1215231 for CVE-2023-4863",
          "url": "https://bugzilla.suse.com/1215231"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1217115 for CVE-2023-4863",
          "url": "https://bugzilla.suse.com/1217115"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1217117 for CVE-2023-4863",
          "url": "https://bugzilla.suse.com/1217117"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-4863"
    },
    {
      "cve": "CVE-2023-5168",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-5168"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A compromised content process could have provided malicious data to `FilterNodeD2D1` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process.\n*This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox \u003c 118, Firefox ESR \u003c 115.3, and Thunderbird \u003c 115.3.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-5168",
          "url": "https://www.suse.com/security/cve/CVE-2023-5168"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1215575 for CVE-2023-5168",
          "url": "https://bugzilla.suse.com/1215575"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2023-5168"
    },
    {
      "cve": "CVE-2023-5169",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-5169"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A compromised content process could have provided malicious data in a `PathRecording` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. This vulnerability affects Firefox \u003c 118, Firefox ESR \u003c 115.3, and Thunderbird \u003c 115.3.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-5169",
          "url": "https://www.suse.com/security/cve/CVE-2023-5169"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1215575 for CVE-2023-5169",
          "url": "https://bugzilla.suse.com/1215575"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2023-5169"
    },
    {
      "cve": "CVE-2023-5170",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-5170"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In canvas rendering, a compromised content process could have caused a surface to change unexpectedly, leading to a memory leak of a privileged process. This memory leak could be used to effect a sandbox escape if the correct data was leaked. This vulnerability affects Firefox \u003c 118.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-5170",
          "url": "https://www.suse.com/security/cve/CVE-2023-5170"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1215575 for CVE-2023-5170",
          "url": "https://bugzilla.suse.com/1215575"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2023-5170"
    },
    {
      "cve": "CVE-2023-5171",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-5171"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "During Ion compilation, a Garbage Collection could have resulted in a use-after-free condition, allowing an attacker to write two NUL bytes, and cause a potentially exploitable crash. This vulnerability affects Firefox \u003c 118, Firefox ESR \u003c 115.3, and Thunderbird \u003c 115.3.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-5171",
          "url": "https://www.suse.com/security/cve/CVE-2023-5171"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1215575 for CVE-2023-5171",
          "url": "https://bugzilla.suse.com/1215575"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2023-5171"
    },
    {
      "cve": "CVE-2023-5172",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-5172"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A hashtable  in the Ion Engine could have been mutated while there was a live interior reference, leading to a potential use-after-free and exploitable crash. This vulnerability affects Firefox \u003c 118.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-5172",
          "url": "https://www.suse.com/security/cve/CVE-2023-5172"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1215575 for CVE-2023-5172",
          "url": "https://bugzilla.suse.com/1215575"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2023-5172"
    },
    {
      "cve": "CVE-2023-5173",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-5173"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In a non-standard configuration of Firefox, an integer overflow could have occurred based on network traffic (possibly under influence of a local unprivileged webpage), leading to an out-of-bounds write to privileged process memory. \n*This bug only affects Firefox if a non-standard preference allowing non-HTTPS Alternate Services (`network.http.altsvc.oe`) is enabled.* This vulnerability affects Firefox \u003c 118.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-5173",
          "url": "https://www.suse.com/security/cve/CVE-2023-5173"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1215575 for CVE-2023-5173",
          "url": "https://bugzilla.suse.com/1215575"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2023-5173"
    },
    {
      "cve": "CVE-2023-5174",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-5174"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If Windows failed to duplicate a handle during process creation, the sandbox code may have inadvertently freed a pointer twice, resulting in a use-after-free and a potentially exploitable crash.\n*This bug only affects Firefox on Windows when run in non-standard configurations (such as using `runas`). Other operating systems are unaffected.* This vulnerability affects Firefox \u003c 118, Firefox ESR \u003c 115.3, and Thunderbird \u003c 115.3.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-5174",
          "url": "https://www.suse.com/security/cve/CVE-2023-5174"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1215575 for CVE-2023-5174",
          "url": "https://bugzilla.suse.com/1215575"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2023-5174"
    },
    {
      "cve": "CVE-2023-5175",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-5175"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "During process shutdown, it was possible that an `ImageBitmap` was created that would later be used after being freed from a different codepath, leading to a potentially exploitable crash. This vulnerability affects Firefox \u003c 118.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-5175",
          "url": "https://www.suse.com/security/cve/CVE-2023-5175"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1215575 for CVE-2023-5175",
          "url": "https://bugzilla.suse.com/1215575"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2023-5175"
    },
    {
      "cve": "CVE-2023-5176",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-5176"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs present in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 118, Firefox ESR \u003c 115.3, and Thunderbird \u003c 115.3.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-5176",
          "url": "https://www.suse.com/security/cve/CVE-2023-5176"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1215575 for CVE-2023-5176",
          "url": "https://bugzilla.suse.com/1215575"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2023-5176"
    },
    {
      "cve": "CVE-2023-5217",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-5217"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-5217",
          "url": "https://www.suse.com/security/cve/CVE-2023-5217"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1215776 for CVE-2023-5217",
          "url": "https://bugzilla.suse.com/1215776"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1215778 for CVE-2023-5217",
          "url": "https://bugzilla.suse.com/1215778"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1215814 for CVE-2023-5217",
          "url": "https://bugzilla.suse.com/1215814"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1217559 for CVE-2023-5217",
          "url": "https://bugzilla.suse.com/1217559"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-5217"
    },
    {
      "cve": "CVE-2023-5388",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-5388"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow an attacker to recover the private data. This vulnerability affects Firefox \u003c 124, Firefox ESR \u003c 115.9, and Thunderbird \u003c 115.9.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-5388",
          "url": "https://www.suse.com/security/cve/CVE-2023-5388"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1216198 for CVE-2023-5388",
          "url": "https://bugzilla.suse.com/1216198"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1221327 for CVE-2023-5388",
          "url": "https://bugzilla.suse.com/1221327"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-5388"
    },
    {
      "cve": "CVE-2023-5721",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-5721"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an insufficient activation-delay. This vulnerability affects Firefox \u003c 119, Firefox ESR \u003c 115.4, and Thunderbird \u003c 115.4.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-5721",
          "url": "https://www.suse.com/security/cve/CVE-2023-5721"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1216338 for CVE-2023-5721",
          "url": "https://bugzilla.suse.com/1216338"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-5721"
    },
    {
      "cve": "CVE-2023-5722",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-5722"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Using iterative requests an attacker was able to learn the size of an opaque response, as well as the contents of a server-supplied Vary header. This vulnerability affects Firefox \u003c 119.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-5722",
          "url": "https://www.suse.com/security/cve/CVE-2023-5722"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1216338 for CVE-2023-5722",
          "url": "https://bugzilla.suse.com/1216338"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-5722"
    },
    {
      "cve": "CVE-2023-5723",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-5723"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An attacker with temporary script access to a site could have set a cookie containing invalid characters using `document.cookie` that could have led to unknown errors. This vulnerability affects Firefox \u003c 119.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-5723",
          "url": "https://www.suse.com/security/cve/CVE-2023-5723"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1216338 for CVE-2023-5723",
          "url": "https://bugzilla.suse.com/1216338"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-5723"
    },
    {
      "cve": "CVE-2023-5724",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-5724"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Drivers are not always robust to extremely large draw calls and in some cases this scenario could have led to a crash. This vulnerability affects Firefox \u003c 119, Firefox ESR \u003c 115.4, and Thunderbird \u003c 115.4.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-5724",
          "url": "https://www.suse.com/security/cve/CVE-2023-5724"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1216338 for CVE-2023-5724",
          "url": "https://bugzilla.suse.com/1216338"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-5724"
    },
    {
      "cve": "CVE-2023-5725",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-5725"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A malicious installed WebExtension could open arbitrary URLs, which under the right circumstance could be leveraged to collect sensitive user data. This vulnerability affects Firefox \u003c 119, Firefox ESR \u003c 115.4, and Thunderbird \u003c 115.4.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-5725",
          "url": "https://www.suse.com/security/cve/CVE-2023-5725"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1216338 for CVE-2023-5725",
          "url": "https://bugzilla.suse.com/1216338"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-5725"
    },
    {
      "cve": "CVE-2023-5726",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-5726"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A website could have obscured the full screen notification by using the file open dialog. This could have led to user confusion and possible spoofing attacks. \n*Note: This issue only affected macOS operating systems. Other operating systems are unaffected.* This vulnerability affects Firefox \u003c 119, Firefox ESR \u003c 115.4, and Thunderbird \u003c 115.4.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-5726",
          "url": "https://www.suse.com/security/cve/CVE-2023-5726"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1216338 for CVE-2023-5726",
          "url": "https://bugzilla.suse.com/1216338"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-5726"
    },
    {
      "cve": "CVE-2023-5727",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-5727"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The executable file warning was not presented when downloading .msix, .msixbundle, .appx, and .appxbundle files, which can run commands on a user\u0027s computer.  \n*Note: This issue only affected Windows operating systems. Other operating systems are unaffected.* This vulnerability affects Firefox \u003c 119, Firefox ESR \u003c 115.4, and Thunderbird \u003c 115.4.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-5727",
          "url": "https://www.suse.com/security/cve/CVE-2023-5727"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1216338 for CVE-2023-5727",
          "url": "https://bugzilla.suse.com/1216338"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-5727"
    },
    {
      "cve": "CVE-2023-5728",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-5728"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "During garbage collection extra operations were performed on a object that should not be. This could have led to a potentially exploitable crash. This vulnerability affects Firefox \u003c 119, Firefox ESR \u003c 115.4, and Thunderbird \u003c 115.4.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-5728",
          "url": "https://www.suse.com/security/cve/CVE-2023-5728"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1216338 for CVE-2023-5728",
          "url": "https://bugzilla.suse.com/1216338"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-5728"
    },
    {
      "cve": "CVE-2023-5729",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-5729"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A malicious web site can enter fullscreen mode while simultaneously triggering a WebAuthn prompt. This could have obscured the fullscreen notification and could have been leveraged in a spoofing attack. This vulnerability affects Firefox \u003c 119.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-5729",
          "url": "https://www.suse.com/security/cve/CVE-2023-5729"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1216338 for CVE-2023-5729",
          "url": "https://bugzilla.suse.com/1216338"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-5729"
    },
    {
      "cve": "CVE-2023-5730",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-5730"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs present in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 119, Firefox ESR \u003c 115.4, and Thunderbird \u003c 115.4.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-5730",
          "url": "https://www.suse.com/security/cve/CVE-2023-5730"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1216338 for CVE-2023-5730",
          "url": "https://bugzilla.suse.com/1216338"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-5730"
    },
    {
      "cve": "CVE-2023-5731",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-5731"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs present in Firefox 118. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 119.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-5731",
          "url": "https://www.suse.com/security/cve/CVE-2023-5731"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1216338 for CVE-2023-5731",
          "url": "https://bugzilla.suse.com/1216338"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-5731"
    },
    {
      "cve": "CVE-2023-6135",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-6135"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple NSS NIST curves were susceptible to a side-channel attack known as \"Minerva\". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox \u003c 121.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-6135",
          "url": "https://www.suse.com/security/cve/CVE-2023-6135"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1217974 for CVE-2023-6135",
          "url": "https://bugzilla.suse.com/1217974"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-6135"
    },
    {
      "cve": "CVE-2023-6204",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-6204"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "On some systems\u2014depending on the graphics settings and drivers\u2014it was possible to force an out-of-bounds read and leak memory data into the images created on the canvas element. This vulnerability affects Firefox \u003c 120, Firefox ESR \u003c 115.5.0, and Thunderbird \u003c 115.5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-6204",
          "url": "https://www.suse.com/security/cve/CVE-2023-6204"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1217230 for CVE-2023-6204",
          "url": "https://bugzilla.suse.com/1217230"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-6204"
    },
    {
      "cve": "CVE-2023-6205",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-6205"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "It was possible to cause the use of a MessagePort after it had already been freed, which could potentially have led to an exploitable crash. This vulnerability affects Firefox \u003c 120, Firefox ESR \u003c 115.5.0, and Thunderbird \u003c 115.5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-6205",
          "url": "https://www.suse.com/security/cve/CVE-2023-6205"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1217230 for CVE-2023-6205",
          "url": "https://bugzilla.suse.com/1217230"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-6205"
    },
    {
      "cve": "CVE-2023-6206",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-6206"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The black fade animation when exiting fullscreen is roughly the length of the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the permission grant button would be about to appear. This vulnerability affects Firefox \u003c 120, Firefox ESR \u003c 115.5.0, and Thunderbird \u003c 115.5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-6206",
          "url": "https://www.suse.com/security/cve/CVE-2023-6206"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1217230 for CVE-2023-6206",
          "url": "https://bugzilla.suse.com/1217230"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-6206"
    },
    {
      "cve": "CVE-2023-6207",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-6207"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Ownership mismanagement led to a use-after-free in ReadableByteStreams This vulnerability affects Firefox \u003c 120, Firefox ESR \u003c 115.5.0, and Thunderbird \u003c 115.5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-6207",
          "url": "https://www.suse.com/security/cve/CVE-2023-6207"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1217230 for CVE-2023-6207",
          "url": "https://bugzilla.suse.com/1217230"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-6207"
    },
    {
      "cve": "CVE-2023-6208",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-6208"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When using X11, text selected by the page using the Selection API was erroneously copied into the primary selection, a temporary storage not unlike the clipboard.\n*This bug only affects Firefox on X11. Other systems are unaffected.* This vulnerability affects Firefox \u003c 120, Firefox ESR \u003c 115.5.0, and Thunderbird \u003c 115.5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-6208",
          "url": "https://www.suse.com/security/cve/CVE-2023-6208"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1217230 for CVE-2023-6208",
          "url": "https://bugzilla.suse.com/1217230"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-6208"
    },
    {
      "cve": "CVE-2023-6209",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-6209"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Relative URLs starting with three slashes were incorrectly parsed, and a path-traversal \"/../\" part in the path could be used to override the specified host. This could contribute to security problems in web sites. This vulnerability affects Firefox \u003c 120, Firefox ESR \u003c 115.5.0, and Thunderbird \u003c 115.5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-6209",
          "url": "https://www.suse.com/security/cve/CVE-2023-6209"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1217230 for CVE-2023-6209",
          "url": "https://bugzilla.suse.com/1217230"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-6209"
    },
    {
      "cve": "CVE-2023-6210",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-6210"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When an https: web page created a pop-up from a \"javascript:\" URL, that pop-up was incorrectly allowed to load blockable content such as iframes from insecure http: URLs This vulnerability affects Firefox \u003c 120.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-6210",
          "url": "https://www.suse.com/security/cve/CVE-2023-6210"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1217230 for CVE-2023-6210",
          "url": "https://bugzilla.suse.com/1217230"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-6210"
    },
    {
      "cve": "CVE-2023-6211",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-6211"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If an attacker needed a user to load an insecure http: page and knew that user had enabled HTTPS-only mode, the attacker could have tricked the user into clicking to grant an HTTPS-only exception if they could get the user to participate in a clicking game. This vulnerability affects Firefox \u003c 120.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-6211",
          "url": "https://www.suse.com/security/cve/CVE-2023-6211"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1217230 for CVE-2023-6211",
          "url": "https://bugzilla.suse.com/1217230"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-6211"
    },
    {
      "cve": "CVE-2023-6212",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-6212"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs present in Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 120, Firefox ESR \u003c 115.5.0, and Thunderbird \u003c 115.5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-6212",
          "url": "https://www.suse.com/security/cve/CVE-2023-6212"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1217230 for CVE-2023-6212",
          "url": "https://bugzilla.suse.com/1217230"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-6212"
    },
    {
      "cve": "CVE-2023-6213",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-6213"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs present in Firefox 119. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 120.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-6213",
          "url": "https://www.suse.com/security/cve/CVE-2023-6213"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1217230 for CVE-2023-6213",
          "url": "https://bugzilla.suse.com/1217230"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-6213"
    },
    {
      "cve": "CVE-2023-6856",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-6856"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The WebGL `DrawElementsInstanced` method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver.  This issue could allow an attacker to perform remote code execution and sandbox escape. This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-6856",
          "url": "https://www.suse.com/security/cve/CVE-2023-6856"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1217974 for CVE-2023-6856",
          "url": "https://bugzilla.suse.com/1217974"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-6856"
    },
    {
      "cve": "CVE-2023-6857",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-6857"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When resolving a symlink, a race may occur where the buffer passed to `readlink` may actually be smaller than necessary. \n*This bug only affects Firefox on Unix-based operating systems (Android, Linux, MacOS). Windows is unaffected.* This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-6857",
          "url": "https://www.suse.com/security/cve/CVE-2023-6857"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1217974 for CVE-2023-6857",
          "url": "https://bugzilla.suse.com/1217974"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-6857"
    },
    {
      "cve": "CVE-2023-6858",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-6858"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Firefox was susceptible to a heap buffer overflow in `nsTextFragment` due to insufficient OOM handling. This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-6858",
          "url": "https://www.suse.com/security/cve/CVE-2023-6858"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1217974 for CVE-2023-6858",
          "url": "https://bugzilla.suse.com/1217974"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-6858"
    },
    {
      "cve": "CVE-2023-6859",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-6859"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free condition affected TLS socket creation when under memory pressure. This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-6859",
          "url": "https://www.suse.com/security/cve/CVE-2023-6859"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1217974 for CVE-2023-6859",
          "url": "https://bugzilla.suse.com/1217974"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-6859"
    },
    {
      "cve": "CVE-2023-6860",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-6860"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The `VideoBridge` allowed any content process to use textures produced by remote decoders.  This could be abused to escape the sandbox. This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-6860",
          "url": "https://www.suse.com/security/cve/CVE-2023-6860"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1217974 for CVE-2023-6860",
          "url": "https://bugzilla.suse.com/1217974"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-6860"
    },
    {
      "cve": "CVE-2023-6861",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-6861"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The `nsWindow::PickerOpen(void)` method was susceptible to a heap buffer overflow when running in headless mode. This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-6861",
          "url": "https://www.suse.com/security/cve/CVE-2023-6861"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1217974 for CVE-2023-6861",
          "url": "https://bugzilla.suse.com/1217974"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-6861"
    },
    {
      "cve": "CVE-2023-6863",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-6863"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The `ShutdownObserver()` was susceptible to potentially undefined behavior due to its reliance on a dynamic type that lacked a virtual destructor. This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-6863",
          "url": "https://www.suse.com/security/cve/CVE-2023-6863"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1217974 for CVE-2023-6863",
          "url": "https://bugzilla.suse.com/1217974"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-6863"
    },
    {
      "cve": "CVE-2023-6864",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-6864"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs present in Firefox 120, Firefox ESR 115.5, and Thunderbird 115.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-6864",
          "url": "https://www.suse.com/security/cve/CVE-2023-6864"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1217974 for CVE-2023-6864",
          "url": "https://bugzilla.suse.com/1217974"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-6864"
    },
    {
      "cve": "CVE-2023-6865",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-6865"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "`EncryptingOutputStream` was susceptible to exposing uninitialized data.  This issue could only be abused in order to write data to a local disk which may have implications for private browsing mode. This vulnerability affects Firefox ESR \u003c 115.6 and Firefox \u003c 121.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-6865",
          "url": "https://www.suse.com/security/cve/CVE-2023-6865"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1217974 for CVE-2023-6865",
          "url": "https://bugzilla.suse.com/1217974"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-6865"
    },
    {
      "cve": "CVE-2023-6866",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-6866"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "TypedArrays can be fallible and lacked proper exception handling. This could lead to abuse in other APIs which expect TypedArrays to always succeed. This vulnerability affects Firefox \u003c 121.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-6866",
          "url": "https://www.suse.com/security/cve/CVE-2023-6866"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1217974 for CVE-2023-6866",
          "url": "https://bugzilla.suse.com/1217974"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-6866"
    },
    {
      "cve": "CVE-2023-6867",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-6867"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The timing of a button click causing a popup to disappear was approximately the same length as the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the permission grant button would be about to appear. This vulnerability affects Firefox ESR \u003c 115.6 and Firefox \u003c 121.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-6867",
          "url": "https://www.suse.com/security/cve/CVE-2023-6867"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1217974 for CVE-2023-6867",
          "url": "https://bugzilla.suse.com/1217974"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-6867"
    },
    {
      "cve": "CVE-2023-6868",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-6868"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In some instances, the user-agent would allow push requests which lacked a valid VAPID even though the push manager subscription defined one. This could allow empty messages to be sent from unauthorized parties.\n*This bug only affects Firefox on Android.* This vulnerability affects Firefox \u003c 121.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-6868",
          "url": "https://www.suse.com/security/cve/CVE-2023-6868"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1217974 for CVE-2023-6868",
          "url": "https://bugzilla.suse.com/1217974"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-6868"
    },
    {
      "cve": "CVE-2023-6869",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-6869"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A `\u0026lt;dialog\u003e` element could have been manipulated to paint content outside of a sandboxed iframe. This could allow untrusted content to display under the guise of trusted content. This vulnerability affects Firefox \u003c 121.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-6869",
          "url": "https://www.suse.com/security/cve/CVE-2023-6869"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1217974 for CVE-2023-6869",
          "url": "https://bugzilla.suse.com/1217974"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-6869"
    },
    {
      "cve": "CVE-2023-6870",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-6870"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Applications which spawn a Toast notification in a background thread may have obscured fullscreen notifications displayed by Firefox. \n*This issue only affects Android versions of Firefox and Firefox Focus.* This vulnerability affects Firefox \u003c 121.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-6870",
          "url": "https://www.suse.com/security/cve/CVE-2023-6870"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1217974 for CVE-2023-6870",
          "url": "https://bugzilla.suse.com/1217974"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-6870"
    },
    {
      "cve": "CVE-2023-6871",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-6871"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Under certain conditions, Firefox did not display a warning when a user attempted to navigate to a new protocol handler. This vulnerability affects Firefox \u003c 121.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-6871",
          "url": "https://www.suse.com/security/cve/CVE-2023-6871"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1217974 for CVE-2023-6871",
          "url": "https://bugzilla.suse.com/1217974"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-6871"
    },
    {
      "cve": "CVE-2023-6872",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-6872"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Browser tab titles were being leaked by GNOME to system logs. This could potentially expose the browsing habits of users running in a private tab. This vulnerability affects Firefox \u003c 121.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-6872",
          "url": "https://www.suse.com/security/cve/CVE-2023-6872"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1217974 for CVE-2023-6872",
          "url": "https://bugzilla.suse.com/1217974"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-6872"
    },
    {
      "cve": "CVE-2023-6873",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-6873"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs present in Firefox 120. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 121.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-6873",
          "url": "https://www.suse.com/security/cve/CVE-2023-6873"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1217974 for CVE-2023-6873",
          "url": "https://bugzilla.suse.com/1217974"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-6873"
    },
    {
      "cve": "CVE-2024-0741",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-0741"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox \u003c 122, Firefox ESR \u003c 115.7, and Thunderbird \u003c 115.7.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-0741",
          "url": "https://www.suse.com/security/cve/CVE-2024-0741"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1218955 for CVE-2024-0741",
          "url": "https://bugzilla.suse.com/1218955"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-0741"
    },
    {
      "cve": "CVE-2024-0742",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-0742"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an incorrect timestamp used to prevent input after page load. This vulnerability affects Firefox \u003c 122, Firefox ESR \u003c 115.7, and Thunderbird \u003c 115.7.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-0742",
          "url": "https://www.suse.com/security/cve/CVE-2024-0742"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1218955 for CVE-2024-0742",
          "url": "https://bugzilla.suse.com/1218955"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-0742"
    },
    {
      "cve": "CVE-2024-0743",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-0743"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An unchecked return value in TLS handshake code could have caused a potentially exploitable crash. This vulnerability affects Firefox \u003c 122, Firefox ESR \u003c 115.9, and Thunderbird \u003c 115.9.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-0743",
          "url": "https://www.suse.com/security/cve/CVE-2024-0743"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1218955 for CVE-2024-0743",
          "url": "https://bugzilla.suse.com/1218955"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-0743"
    },
    {
      "cve": "CVE-2024-0744",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-0744"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In some circumstances, JIT compiled code could have dereferenced a wild pointer value. This could have led to an exploitable crash. This vulnerability affects Firefox \u003c 122.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-0744",
          "url": "https://www.suse.com/security/cve/CVE-2024-0744"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1218955 for CVE-2024-0744",
          "url": "https://bugzilla.suse.com/1218955"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-0744"
    },
    {
      "cve": "CVE-2024-0745",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-0745"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The WebAudio `OscillatorNode` object was susceptible to a stack buffer overflow. This could have led to a potentially exploitable crash. This vulnerability affects Firefox \u003c 122.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-0745",
          "url": "https://www.suse.com/security/cve/CVE-2024-0745"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1218955 for CVE-2024-0745",
          "url": "https://bugzilla.suse.com/1218955"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-0745"
    },
    {
      "cve": "CVE-2024-0746",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-0746"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A Linux user opening the print preview dialog could have caused the browser to crash. This vulnerability affects Firefox \u003c 122, Firefox ESR \u003c 115.7, and Thunderbird \u003c 115.7.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-0746",
          "url": "https://www.suse.com/security/cve/CVE-2024-0746"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1218955 for CVE-2024-0746",
          "url": "https://bugzilla.suse.com/1218955"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-0746"
    },
    {
      "cve": "CVE-2024-0747",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-0747"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When a parent page loaded a child in an iframe with `unsafe-inline`, the parent Content Security Policy could have overridden the child Content Security Policy. This vulnerability affects Firefox \u003c 122, Firefox ESR \u003c 115.7, and Thunderbird \u003c 115.7.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-0747",
          "url": "https://www.suse.com/security/cve/CVE-2024-0747"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1218955 for CVE-2024-0747",
          "url": "https://bugzilla.suse.com/1218955"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-0747"
    },
    {
      "cve": "CVE-2024-0748",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-0748"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A compromised content process could have updated the document URI. This could have allowed an attacker to set an arbitrary URI in the address bar or history. This vulnerability affects Firefox \u003c 122.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-0748",
          "url": "https://www.suse.com/security/cve/CVE-2024-0748"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1218955 for CVE-2024-0748",
          "url": "https://bugzilla.suse.com/1218955"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-0748"
    },
    {
      "cve": "CVE-2024-0749",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-0749"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A phishing site could have repurposed an `about:` dialog to show phishing content with an incorrect origin in the address bar. This vulnerability affects Firefox \u003c 122 and Thunderbird \u003c 115.7.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-0749",
          "url": "https://www.suse.com/security/cve/CVE-2024-0749"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1218955 for CVE-2024-0749",
          "url": "https://bugzilla.suse.com/1218955"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-0749"
    },
    {
      "cve": "CVE-2024-0750",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-0750"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox \u003c 122, Firefox ESR \u003c 115.7, and Thunderbird \u003c 115.7.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-0750",
          "url": "https://www.suse.com/security/cve/CVE-2024-0750"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1218955 for CVE-2024-0750",
          "url": "https://bugzilla.suse.com/1218955"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-0750"
    },
    {
      "cve": "CVE-2024-0751",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-0751"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A malicious devtools extension could have been used to escalate privileges. This vulnerability affects Firefox \u003c 122, Firefox ESR \u003c 115.7, and Thunderbird \u003c 115.7.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-0751",
          "url": "https://www.suse.com/security/cve/CVE-2024-0751"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1218955 for CVE-2024-0751",
          "url": "https://bugzilla.suse.com/1218955"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-0751"
    },
    {
      "cve": "CVE-2024-0752",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-0752"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free crash could have occurred on macOS if a Firefox update were being applied on a very busy system. This could have resulted in an exploitable crash. This vulnerability affects Firefox \u003c 122.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-0752",
          "url": "https://www.suse.com/security/cve/CVE-2024-0752"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1218955 for CVE-2024-0752",
          "url": "https://bugzilla.suse.com/1218955"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-0752"
    },
    {
      "cve": "CVE-2024-0753",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-0753"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In specific HSTS configurations an attacker could have bypassed HSTS on a subdomain. This vulnerability affects Firefox \u003c 122, Firefox ESR \u003c 115.7, and Thunderbird \u003c 115.7.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-0753",
          "url": "https://www.suse.com/security/cve/CVE-2024-0753"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1218955 for CVE-2024-0753",
          "url": "https://bugzilla.suse.com/1218955"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-0753"
    },
    {
      "cve": "CVE-2024-0754",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-0754"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Some WASM source files could have caused a crash when loaded in devtools. This vulnerability affects Firefox \u003c 122.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-0754",
          "url": "https://www.suse.com/security/cve/CVE-2024-0754"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1218955 for CVE-2024-0754",
          "url": "https://bugzilla.suse.com/1218955"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-0754"
    },
    {
      "cve": "CVE-2024-0755",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-0755"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs present in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 122, Firefox ESR \u003c 115.7, and Thunderbird \u003c 115.7.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-0755",
          "url": "https://www.suse.com/security/cve/CVE-2024-0755"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1218955 for CVE-2024-0755",
          "url": "https://bugzilla.suse.com/1218955"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-0755"
    },
    {
      "cve": "CVE-2024-10458",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-10458"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A permission leak could have occurred from a trusted site to an untrusted site via `embed` or `object` elements. This vulnerability affects Firefox \u003c 132, Firefox ESR \u003c 128.4, Firefox ESR \u003c 115.17, Thunderbird \u003c 128.4, and Thunderbird \u003c 132.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-10458",
          "url": "https://www.suse.com/security/cve/CVE-2024-10458"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1231879 for CVE-2024-10458",
          "url": "https://bugzilla.suse.com/1231879"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2024-10458"
    },
    {
      "cve": "CVE-2024-10459",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-10459"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An attacker could have caused a use-after-free when accessibility was enabled, leading to a potentially exploitable crash. This vulnerability affects Firefox \u003c 132, Firefox ESR \u003c 128.4, Firefox ESR \u003c 115.17, Thunderbird \u003c 128.4, and Thunderbird \u003c 132.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-10459",
          "url": "https://www.suse.com/security/cve/CVE-2024-10459"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1231879 for CVE-2024-10459",
          "url": "https://bugzilla.suse.com/1231879"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2024-10459"
    },
    {
      "cve": "CVE-2024-10460",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-10460"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The origin of an external protocol handler prompt could have been obscured using a data: URL within an `iframe`. This vulnerability affects Firefox \u003c 132, Firefox ESR \u003c 128.4, Thunderbird \u003c 128.4, and Thunderbird \u003c 132.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-10460",
          "url": "https://www.suse.com/security/cve/CVE-2024-10460"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1231879 for CVE-2024-10460",
          "url": "https://bugzilla.suse.com/1231879"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2024-10460"
    },
    {
      "cve": "CVE-2024-10461",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-10461"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In multipart/x-mixed-replace responses, `Content-Disposition: attachment` in the response header was not respected and did not force a download, which could allow XSS attacks. This vulnerability affects Firefox \u003c 132, Firefox ESR \u003c 128.4, Thunderbird \u003c 128.4, and Thunderbird \u003c 132.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-10461",
          "url": "https://www.suse.com/security/cve/CVE-2024-10461"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1231879 for CVE-2024-10461",
          "url": "https://bugzilla.suse.com/1231879"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2024-10461"
    },
    {
      "cve": "CVE-2024-10462",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-10462"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Truncation of a long URL could have allowed origin spoofing in a permission prompt. This vulnerability affects Firefox \u003c 132, Firefox ESR \u003c 128.4, Thunderbird \u003c 128.4, and Thunderbird \u003c 132.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-10462",
          "url": "https://www.suse.com/security/cve/CVE-2024-10462"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1231879 for CVE-2024-10462",
          "url": "https://bugzilla.suse.com/1231879"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2024-10462"
    },
    {
      "cve": "CVE-2024-10463",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-10463"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Video frames could have been leaked between origins in some situations. This vulnerability affects Firefox \u003c 132, Firefox ESR \u003c 128.4, Firefox ESR \u003c 115.17, Thunderbird \u003c 128.4, and Thunderbird \u003c 132.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-10463",
          "url": "https://www.suse.com/security/cve/CVE-2024-10463"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1231879 for CVE-2024-10463",
          "url": "https://bugzilla.suse.com/1231879"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2024-10463"
    },
    {
      "cve": "CVE-2024-10464",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-10464"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Repeated writes to history interface attributes could have been used to cause a Denial of Service condition in the browser. This was addressed by introducing rate-limiting to this API. This vulnerability affects Firefox \u003c 132, Firefox ESR \u003c 128.4, Thunderbird \u003c 128.4, and Thunderbird \u003c 132.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-10464",
          "url": "https://www.suse.com/security/cve/CVE-2024-10464"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1231879 for CVE-2024-10464",
          "url": "https://bugzilla.suse.com/1231879"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2024-10464"
    },
    {
      "cve": "CVE-2024-10465",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-10465"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A clipboard \"paste\" button could persist across tabs which allowed a spoofing attack. This vulnerability affects Firefox \u003c 132, Firefox ESR \u003c 128.4, Thunderbird \u003c 128.4, and Thunderbird \u003c 132.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-10465",
          "url": "https://www.suse.com/security/cve/CVE-2024-10465"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1231879 for CVE-2024-10465",
          "url": "https://bugzilla.suse.com/1231879"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2024-10465"
    },
    {
      "cve": "CVE-2024-10466",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-10466"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "By sending a specially crafted push message, a remote server could have hung the parent process, causing the browser to become unresponsive. This vulnerability affects Firefox \u003c 132, Firefox ESR \u003c 128.4, Thunderbird \u003c 128.4, and Thunderbird \u003c 132.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-10466",
          "url": "https://www.suse.com/security/cve/CVE-2024-10466"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1231879 for CVE-2024-10466",
          "url": "https://bugzilla.suse.com/1231879"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2024-10466"
    },
    {
      "cve": "CVE-2024-10467",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-10467"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs present in Firefox 131, Firefox ESR 128.3, and Thunderbird 128.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 132, Firefox ESR \u003c 128.4, Thunderbird \u003c 128.4, and Thunderbird \u003c 132.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-10467",
          "url": "https://www.suse.com/security/cve/CVE-2024-10467"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1231879 for CVE-2024-10467",
          "url": "https://bugzilla.suse.com/1231879"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2024-10467"
    },
    {
      "cve": "CVE-2024-11691",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-11691"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Certain WebGL operations on Apple silicon M series devices could have lead to an out-of-bounds write and memory corruption due to a flaw in Apple\u0027s GPU driver.  \n*This bug only affected the application on Apple M series hardware. Other platforms were unaffected.* This vulnerability affects Firefox \u003c 133, Firefox ESR \u003c 128.5, Firefox ESR \u003c 115.18, Thunderbird \u003c 133, Thunderbird \u003c 128.5, and Thunderbird \u003c 115.18.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-11691",
          "url": "https://www.suse.com/security/cve/CVE-2024-11691"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1233695 for CVE-2024-11691",
          "url": "https://bugzilla.suse.com/1233695"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2024-11691"
    },
    {
      "cve": "CVE-2024-11692",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-11692"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An attacker could cause a select dropdown to be shown over another tab; this could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox \u003c 133, Firefox ESR \u003c 128.5, Thunderbird \u003c 133, and Thunderbird \u003c 128.5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-11692",
          "url": "https://www.suse.com/security/cve/CVE-2024-11692"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1233695 for CVE-2024-11692",
          "url": "https://bugzilla.suse.com/1233695"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2024-11692"
    },
    {
      "cve": "CVE-2024-11693",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-11693"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The executable file warning was not presented when downloading .library-ms files.  \n*Note: This issue only affected Windows operating systems. Other operating systems are unaffected.* This vulnerability affects Firefox \u003c 133, Firefox ESR \u003c 128.5, Thunderbird \u003c 133, and Thunderbird \u003c 128.5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-11693",
          "url": "https://www.suse.com/security/cve/CVE-2024-11693"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1233695 for CVE-2024-11693",
          "url": "https://bugzilla.suse.com/1233695"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2024-11693"
    },
    {
      "cve": "CVE-2024-11694",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-11694"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Enhanced Tracking Protection\u0027s Strict mode may have inadvertently allowed a CSP `frame-src` bypass and DOM-based XSS through the Google SafeFrame shim in the Web Compatibility extension. This issue could have exposed users to malicious frames masquerading as legitimate content. This vulnerability affects Firefox \u003c 133, Firefox ESR \u003c 128.5, Firefox ESR \u003c 115.18, Thunderbird \u003c 133, Thunderbird \u003c 128.5, and Thunderbird \u003c 115.18.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-11694",
          "url": "https://www.suse.com/security/cve/CVE-2024-11694"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1233695 for CVE-2024-11694",
          "url": "https://bugzilla.suse.com/1233695"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2024-11694"
    },
    {
      "cve": "CVE-2024-11695",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-11695"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A crafted URL containing Arabic script and whitespace characters could have hidden the true origin of the page, resulting in a potential spoofing attack. This vulnerability affects Firefox \u003c 133, Firefox ESR \u003c 128.5, Thunderbird \u003c 133, and Thunderbird \u003c 128.5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-11695",
          "url": "https://www.suse.com/security/cve/CVE-2024-11695"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1233695 for CVE-2024-11695",
          "url": "https://bugzilla.suse.com/1233695"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2024-11695"
    },
    {
      "cve": "CVE-2024-11696",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-11696"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The application failed to account for exceptions thrown by the `loadManifestFromFile` method during add-on signature verification. This flaw, triggered by an invalid or unsupported extension manifest, could have caused runtime errors that disrupted the signature validation process. As a result, the enforcement of signature validation for unrelated add-ons may have been bypassed.  Signature validation in this context is used to ensure that third-party applications on the user\u0027s computer have not tampered with the user\u0027s extensions, limiting the impact of this issue. This vulnerability affects Firefox \u003c 133, Firefox ESR \u003c 128.5, Thunderbird \u003c 133, and Thunderbird \u003c 128.5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-11696",
          "url": "https://www.suse.com/security/cve/CVE-2024-11696"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1233695 for CVE-2024-11696",
          "url": "https://bugzilla.suse.com/1233695"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2024-11696"
    },
    {
      "cve": "CVE-2024-11697",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-11697"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When handling keypress events, an attacker may have been able to trick a user into bypassing the \"Open Executable File?\" confirmation dialog. This could have led to malicious code execution. This vulnerability affects Firefox \u003c 133, Firefox ESR \u003c 128.5, Thunderbird \u003c 133, and Thunderbird \u003c 128.5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-11697",
          "url": "https://www.suse.com/security/cve/CVE-2024-11697"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1233695 for CVE-2024-11697",
          "url": "https://bugzilla.suse.com/1233695"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2024-11697"
    },
    {
      "cve": "CVE-2024-11698",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-11698"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw in handling fullscreen transitions may have inadvertently caused the application to become stuck in fullscreen mode when a modal dialog was opened during the transition. This issue left users unable to exit fullscreen mode using standard actions like pressing \"Esc\" or accessing right-click menus, resulting in a disrupted browsing experience until the browser is restarted.  \n*This bug only affects the application when running on macOS. Other operating systems are unaffected.* This vulnerability affects Firefox \u003c 133, Firefox ESR \u003c 128.5, Thunderbird \u003c 133, and Thunderbird \u003c 128.5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-11698",
          "url": "https://www.suse.com/security/cve/CVE-2024-11698"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1233695 for CVE-2024-11698",
          "url": "https://bugzilla.suse.com/1233695"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2024-11698"
    },
    {
      "cve": "CVE-2024-11699",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-11699"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs present in Firefox 132, Firefox ESR 128.4, and Thunderbird 128.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 133, Firefox ESR \u003c 128.5, Thunderbird \u003c 133, and Thunderbird \u003c 128.5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-11699",
          "url": "https://www.suse.com/security/cve/CVE-2024-11699"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1233695 for CVE-2024-11699",
          "url": "https://bugzilla.suse.com/1233695"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2024-11699"
    },
    {
      "cve": "CVE-2024-1546",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-1546"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When storing and re-accessing data on a networking channel, the length of buffers may have been confused, resulting in an out-of-bounds memory read. This vulnerability affects Firefox \u003c 123, Firefox ESR \u003c 115.8, and Thunderbird \u003c 115.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-1546",
          "url": "https://www.suse.com/security/cve/CVE-2024-1546"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1220048 for CVE-2024-1546",
          "url": "https://bugzilla.suse.com/1220048"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2024-1546"
    },
    {
      "cve": "CVE-2024-1547",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-1547"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Through a series of API calls and redirects, an attacker-controlled alert dialog could have been displayed on another website (with the victim website\u0027s URL shown). This vulnerability affects Firefox \u003c 123, Firefox ESR \u003c 115.8, and Thunderbird \u003c 115.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-1547",
          "url": "https://www.suse.com/security/cve/CVE-2024-1547"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1220048 for CVE-2024-1547",
          "url": "https://bugzilla.suse.com/1220048"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2024-1547"
    },
    {
      "cve": "CVE-2024-1548",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-1548"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A website could have obscured the fullscreen notification by using a dropdown select input element. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox \u003c 123, Firefox ESR \u003c 115.8, and Thunderbird \u003c 115.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-1548",
          "url": "https://www.suse.com/security/cve/CVE-2024-1548"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1220048 for CVE-2024-1548",
          "url": "https://bugzilla.suse.com/1220048"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2024-1548"
    },
    {
      "cve": "CVE-2024-1549",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-1549"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If a website set a large custom cursor, portions of the cursor could have overlapped with the permission dialog, potentially resulting in user confusion and unexpected granted permissions. This vulnerability affects Firefox \u003c 123, Firefox ESR \u003c 115.8, and Thunderbird \u003c 115.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-1549",
          "url": "https://www.suse.com/security/cve/CVE-2024-1549"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1220048 for CVE-2024-1549",
          "url": "https://bugzilla.suse.com/1220048"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2024-1549"
    },
    {
      "cve": "CVE-2024-1550",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-1550"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A malicious website could have used a combination of exiting fullscreen mode and `requestPointerLock` to cause the user\u0027s mouse to be re-positioned unexpectedly, which could have led to user confusion and inadvertently granting permissions they did not intend to grant. This vulnerability affects Firefox \u003c 123, Firefox ESR \u003c 115.8, and Thunderbird \u003c 115.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-1550",
          "url": "https://www.suse.com/security/cve/CVE-2024-1550"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1220048 for CVE-2024-1550",
          "url": "https://bugzilla.suse.com/1220048"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2024-1550"
    },
    {
      "cve": "CVE-2024-1551",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-1551"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Set-Cookie response headers were being incorrectly honored in multipart HTTP responses. If an attacker could control the Content-Type response header, as well as control part of the response body, they could inject Set-Cookie response headers that would have been honored by the browser. This vulnerability affects Firefox \u003c 123, Firefox ESR \u003c 115.8, and Thunderbird \u003c 115.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-1551",
          "url": "https://www.suse.com/security/cve/CVE-2024-1551"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1220048 for CVE-2024-1551",
          "url": "https://bugzilla.suse.com/1220048"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2024-1551"
    },
    {
      "cve": "CVE-2024-1552",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-1552"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Incorrect code generation could have led to unexpected numeric conversions and potential undefined behavior.*Note:* This issue only affects 32-bit ARM devices. This vulnerability affects Firefox \u003c 123, Firefox ESR \u003c 115.8, and Thunderbird \u003c 115.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-1552",
          "url": "https://www.suse.com/security/cve/CVE-2024-1552"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1220048 for CVE-2024-1552",
          "url": "https://bugzilla.suse.com/1220048"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2024-1552"
    },
    {
      "cve": "CVE-2024-1553",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-1553"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs present in Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 123, Firefox ESR \u003c 115.8, and Thunderbird \u003c 115.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-1553",
          "url": "https://www.suse.com/security/cve/CVE-2024-1553"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1220048 for CVE-2024-1553",
          "url": "https://bugzilla.suse.com/1220048"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2024-1553"
    },
    {
      "cve": "CVE-2024-1554",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-1554"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The `fetch()` API and navigation incorrectly shared the same cache, as the cache key did not include the optional headers `fetch()` may contain.  Under the correct circumstances, an attacker may have been able to poison the local browser cache by priming it with a `fetch()` response controlled by the additional headers. Upon navigation to the same URL, the user would see the cached response instead of the expected response. This vulnerability affects Firefox \u003c 123.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-1554",
          "url": "https://www.suse.com/security/cve/CVE-2024-1554"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1220048 for CVE-2024-1554",
          "url": "https://bugzilla.suse.com/1220048"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2024-1554"
    },
    {
      "cve": "CVE-2024-1555",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-1555"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When opening a website using the `firefox://` protocol handler, SameSite cookies were not properly respected. This vulnerability affects Firefox \u003c 123.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-1555",
          "url": "https://www.suse.com/security/cve/CVE-2024-1555"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1220048 for CVE-2024-1555",
          "url": "https://bugzilla.suse.com/1220048"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2024-1555"
    },
    {
      "cve": "CVE-2024-1556",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-1556"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The incorrect object was checked for NULL in the built-in profiler, potentially leading to invalid memory access and undefined behavior. *Note:* This issue only affects the application when the profiler is running. This vulnerability affects Firefox \u003c 123.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-1556",
          "url": "https://www.suse.com/security/cve/CVE-2024-1556"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1220048 for CVE-2024-1556",
          "url": "https://bugzilla.suse.com/1220048"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2024-1556"
    },
    {
      "cve": "CVE-2024-1557",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-1557"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs present in Firefox 122. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 123.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-1557",
          "url": "https://www.suse.com/security/cve/CVE-2024-1557"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1220048 for CVE-2024-1557",
          "url": "https://bugzilla.suse.com/1220048"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2024-1557"
    },
    {
      "cve": "CVE-2024-2605",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-2605"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An attacker could have leveraged the Windows Error Reporter to run arbitrary code on the system escaping the sandbox. *Note:* This issue only affected Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox \u003c 124, Firefox ESR \u003c 115.9, and Thunderbird \u003c 115.9.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-2605",
          "url": "https://www.suse.com/security/cve/CVE-2024-2605"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1221327 for CVE-2024-2605",
          "url": "https://bugzilla.suse.com/1221327"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-2605"
    },
    {
      "cve": "CVE-2024-2606",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-2606"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Passing invalid data could have led to invalid wasm values being created, such as arbitrary integers turning into pointer values. This vulnerability affects Firefox \u003c 124.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-2606",
          "url": "https://www.suse.com/security/cve/CVE-2024-2606"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1221327 for CVE-2024-2606",
          "url": "https://bugzilla.suse.com/1221327"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-2606"
    },
    {
      "cve": "CVE-2024-2607",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-2607"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Return registers were overwritten which could have allowed an attacker to execute arbitrary code. *Note:* This issue only affected Armv7-A systems. Other operating systems are unaffected. This vulnerability affects Firefox \u003c 124, Firefox ESR \u003c 115.9, and Thunderbird \u003c 115.9.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-2607",
          "url": "https://www.suse.com/security/cve/CVE-2024-2607"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1221327 for CVE-2024-2607",
          "url": "https://bugzilla.suse.com/1221327"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-2607"
    },
    {
      "cve": "CVE-2024-2608",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-2608"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "`AppendEncodedAttributeValue(), ExtraSpaceNeededForAttrEncoding()` and `AppendEncodedCharacters()` could have experienced integer overflows, causing underallocation of an output buffer leading to an out of bounds write. This vulnerability affects Firefox \u003c 124, Firefox ESR \u003c 115.9, and Thunderbird \u003c 115.9.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-2608",
          "url": "https://www.suse.com/security/cve/CVE-2024-2608"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1221327 for CVE-2024-2608",
          "url": "https://bugzilla.suse.com/1221327"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-2608"
    },
    {
      "cve": "CVE-2024-2609",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-2609"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The permission prompt input delay could expire while the window is not in focus. This makes it vulnerable to clickjacking by malicious websites. This vulnerability affects Firefox \u003c 124, Firefox ESR \u003c 115.10, and Thunderbird \u003c 115.10.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-2609",
          "url": "https://www.suse.com/security/cve/CVE-2024-2609"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1221327 for CVE-2024-2609",
          "url": "https://bugzilla.suse.com/1221327"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-2609"
    },
    {
      "cve": "CVE-2024-2610",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-2610"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Using a markup injection an attacker could have stolen nonce values. This could have been used to bypass strict content security policies. This vulnerability affects Firefox \u003c 124, Firefox ESR \u003c 115.9, and Thunderbird \u003c 115.9.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-2610",
          "url": "https://www.suse.com/security/cve/CVE-2024-2610"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1221327 for CVE-2024-2610",
          "url": "https://bugzilla.suse.com/1221327"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-2610"
    },
    {
      "cve": "CVE-2024-2611",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-2611"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A missing delay on when pointer lock was used could have allowed a malicious page to trick a user into granting permissions. This vulnerability affects Firefox \u003c 124, Firefox ESR \u003c 115.9, and Thunderbird \u003c 115.9.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-2611",
          "url": "https://www.suse.com/security/cve/CVE-2024-2611"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1221327 for CVE-2024-2611",
          "url": "https://bugzilla.suse.com/1221327"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-2611"
    },
    {
      "cve": "CVE-2024-2612",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-2612"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If an attacker could find a way to trigger a particular code path in `SafeRefPtr`, it could have triggered a crash or potentially be leveraged to achieve code execution. This vulnerability affects Firefox \u003c 124, Firefox ESR \u003c 115.9, and Thunderbird \u003c 115.9.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-2612",
          "url": "https://www.suse.com/security/cve/CVE-2024-2612"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1221327 for CVE-2024-2612",
          "url": "https://bugzilla.suse.com/1221327"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-2612"
    },
    {
      "cve": "CVE-2024-2613",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-2613"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Data was not properly sanitized when decoding a QUIC ACK frame; this could have led to unrestricted memory consumption and a crash. This vulnerability affects Firefox \u003c 124.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-2613",
          "url": "https://www.suse.com/security/cve/CVE-2024-2613"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1221327 for CVE-2024-2613",
          "url": "https://bugzilla.suse.com/1221327"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-2613"
    },
    {
      "cve": "CVE-2024-2614",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-2614"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs present in Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 124, Firefox ESR \u003c 115.9, and Thunderbird \u003c 115.9.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-2614",
          "url": "https://www.suse.com/security/cve/CVE-2024-2614"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1221327 for CVE-2024-2614",
          "url": "https://bugzilla.suse.com/1221327"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-2614"
    },
    {
      "cve": "CVE-2024-2615",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-2615"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs present in Firefox 123. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 124.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-2615",
          "url": "https://www.suse.com/security/cve/CVE-2024-2615"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1221327 for CVE-2024-2615",
          "url": "https://bugzilla.suse.com/1221327"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-2615"
    },
    {
      "cve": "CVE-2024-29943",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-29943"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An attacker was able to perform an out-of-bounds read or write on a JavaScript object by fooling range-based bounds check elimination. This vulnerability affects Firefox \u003c 124.0.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-29943",
          "url": "https://www.suse.com/security/cve/CVE-2024-29943"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1221850 for CVE-2024-29943",
          "url": "https://bugzilla.suse.com/1221850"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-29943"
    },
    {
      "cve": "CVE-2024-29944",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-29944"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An attacker was able to inject an event handler into a privileged object that would allow arbitrary JavaScript execution in the parent process. Note: This vulnerability affects Desktop Firefox only, it does not affect mobile versions of Firefox. This vulnerability affects Firefox \u003c 124.0.1 and Firefox ESR \u003c 115.9.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-29944",
          "url": "https://www.suse.com/security/cve/CVE-2024-29944"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1221850 for CVE-2024-29944",
          "url": "https://bugzilla.suse.com/1221850"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-29944"
    },
    {
      "cve": "CVE-2024-3302",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-3302"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "There was no limit to the number of HTTP/2 CONTINUATION frames that would be processed. A server could abuse this to create an Out of Memory condition in the browser. This vulnerability affects Firefox \u003c 125, Firefox ESR \u003c 115.10, and Thunderbird \u003c 115.10.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-3302",
          "url": "https://www.suse.com/security/cve/CVE-2024-3302"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1222535 for CVE-2024-3302",
          "url": "https://bugzilla.suse.com/1222535"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-3302"
    },
    {
      "cve": "CVE-2024-3852",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-3852"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "GetBoundName could return the wrong version of an object when JIT optimizations were applied. This vulnerability affects Firefox \u003c 125, Firefox ESR \u003c 115.10, and Thunderbird \u003c 115.10.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-3852",
          "url": "https://www.suse.com/security/cve/CVE-2024-3852"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1222535 for CVE-2024-3852",
          "url": "https://bugzilla.suse.com/1222535"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-3852"
    },
    {
      "cve": "CVE-2024-3853",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-3853"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free could result if a JavaScript realm was in the process of being initialized when a garbage collection started. This vulnerability affects Firefox \u003c 125.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-3853",
          "url": "https://www.suse.com/security/cve/CVE-2024-3853"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1222535 for CVE-2024-3853",
          "url": "https://bugzilla.suse.com/1222535"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-3853"
    },
    {
      "cve": "CVE-2024-3854",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-3854"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In some code patterns the JIT incorrectly optimized switch statements and generated code with out-of-bounds-reads. This vulnerability affects Firefox \u003c 125, Firefox ESR \u003c 115.10, and Thunderbird \u003c 115.10.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-3854",
          "url": "https://www.suse.com/security/cve/CVE-2024-3854"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1222535 for CVE-2024-3854",
          "url": "https://bugzilla.suse.com/1222535"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-3854"
    },
    {
      "cve": "CVE-2024-3855",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-3855"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In certain cases the JIT incorrectly optimized MSubstr operations, which led to out-of-bounds reads. This vulnerability affects Firefox \u003c 125.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-3855",
          "url": "https://www.suse.com/security/cve/CVE-2024-3855"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1222535 for CVE-2024-3855",
          "url": "https://bugzilla.suse.com/1222535"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-3855"
    },
    {
      "cve": "CVE-2024-3856",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-3856"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free could occur during WASM execution if garbage collection ran during the creation of an array. This vulnerability affects Firefox \u003c 125.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-3856",
          "url": "https://www.suse.com/security/cve/CVE-2024-3856"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1222535 for CVE-2024-3856",
          "url": "https://bugzilla.suse.com/1222535"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-3856"
    },
    {
      "cve": "CVE-2024-3857",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-3857"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The JIT created incorrect code for arguments in certain cases. This led to potential use-after-free crashes during garbage collection. This vulnerability affects Firefox \u003c 125, Firefox ESR \u003c 115.10, and Thunderbird \u003c 115.10.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-3857",
          "url": "https://www.suse.com/security/cve/CVE-2024-3857"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1222535 for CVE-2024-3857",
          "url": "https://bugzilla.suse.com/1222535"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-3857"
    },
    {
      "cve": "CVE-2024-3858",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-3858"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "It was possible to mutate a JavaScript object so that the JIT could crash while tracing it. This vulnerability affects Firefox \u003c 125.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-3858",
          "url": "https://www.suse.com/security/cve/CVE-2024-3858"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1222535 for CVE-2024-3858",
          "url": "https://bugzilla.suse.com/1222535"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-3858"
    },
    {
      "cve": "CVE-2024-3859",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-3859"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "On 32-bit versions there were integer-overflows that led to an out-of-bounds-read that potentially could be triggered by a malformed OpenType font. This vulnerability affects Firefox \u003c 125, Firefox ESR \u003c 115.10, and Thunderbird \u003c 115.10.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-3859",
          "url": "https://www.suse.com/security/cve/CVE-2024-3859"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1222535 for CVE-2024-3859",
          "url": "https://bugzilla.suse.com/1222535"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-3859"
    },
    {
      "cve": "CVE-2024-3860",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-3860"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An out-of-memory condition during object initialization could result in an empty shape list. If the JIT subsequently traced the object it would crash. This vulnerability affects Firefox \u003c 125.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-3860",
          "url": "https://www.suse.com/security/cve/CVE-2024-3860"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1222535 for CVE-2024-3860",
          "url": "https://bugzilla.suse.com/1222535"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-3860"
    },
    {
      "cve": "CVE-2024-3861",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-3861"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later use-after-free. This vulnerability affects Firefox \u003c 125, Firefox ESR \u003c 115.10, and Thunderbird \u003c 115.10.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-3861",
          "url": "https://www.suse.com/security/cve/CVE-2024-3861"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1222535 for CVE-2024-3861",
          "url": "https://bugzilla.suse.com/1222535"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-3861"
    },
    {
      "cve": "CVE-2024-3862",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-3862"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The MarkStack assignment operator, part of the JavaScript engine, could access uninitialized memory if it were used in a self-assignment. This vulnerability affects Firefox \u003c 125.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-3862",
          "url": "https://www.suse.com/security/cve/CVE-2024-3862"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1222535 for CVE-2024-3862",
          "url": "https://bugzilla.suse.com/1222535"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-3862"
    },
    {
      "cve": "CVE-2024-3863",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-3863"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The executable file warning was not presented when downloading .xrm-ms files.  \n*Note: This issue only affected Windows operating systems. Other operating systems are unaffected.* This vulnerability affects Firefox \u003c 125, Firefox ESR \u003c 115.10, and Thunderbird \u003c 115.10.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-3863",
          "url": "https://www.suse.com/security/cve/CVE-2024-3863"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1222535 for CVE-2024-3863",
          "url": "https://bugzilla.suse.com/1222535"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-3863"
    },
    {
      "cve": "CVE-2024-3864",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-3864"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bug present in Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 125, Firefox ESR \u003c 115.10, and Thunderbird \u003c 115.10.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-3864",
          "url": "https://www.suse.com/security/cve/CVE-2024-3864"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1222535 for CVE-2024-3864",
          "url": "https://bugzilla.suse.com/1222535"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-3864"
    },
    {
      "cve": "CVE-2024-3865",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-3865"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs present in Firefox 124. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 125.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-3865",
          "url": "https://www.suse.com/security/cve/CVE-2024-3865"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1222535 for CVE-2024-3865",
          "url": "https://bugzilla.suse.com/1222535"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-3865"
    },
    {
      "cve": "CVE-2024-4367",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-4367"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affects Firefox \u003c 126, Firefox ESR \u003c 115.11, and Thunderbird \u003c 115.11.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-4367",
          "url": "https://www.suse.com/security/cve/CVE-2024-4367"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1224056 for CVE-2024-4367",
          "url": "https://bugzilla.suse.com/1224056"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-4367"
    },
    {
      "cve": "CVE-2024-4764",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-4764"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple WebRTC threads could have claimed a newly connected audio input leading to use-after-free. This vulnerability affects Firefox \u003c 126.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-4764",
          "url": "https://www.suse.com/security/cve/CVE-2024-4764"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1224056 for CVE-2024-4764",
          "url": "https://bugzilla.suse.com/1224056"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-4764"
    },
    {
      "cve": "CVE-2024-4765",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-4765"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Web application manifests were stored by using an insecure MD5 hash which allowed for a hash collision to overwrite another application\u0027s manifest. This could have been exploited to run arbitrary code in another application\u0027s context. \n*This issue only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox \u003c 126.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-4765",
          "url": "https://www.suse.com/security/cve/CVE-2024-4765"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1224056 for CVE-2024-4765",
          "url": "https://bugzilla.suse.com/1224056"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-4765"
    },
    {
      "cve": "CVE-2024-4766",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-4766"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Different techniques existed to obscure the fullscreen notification in Firefox for Android.  These could have led to potential user confusion and spoofing attacks.\n*This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox \u003c 126.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-4766",
          "url": "https://www.suse.com/security/cve/CVE-2024-4766"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1224056 for CVE-2024-4766",
          "url": "https://bugzilla.suse.com/1224056"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-4766"
    },
    {
      "cve": "CVE-2024-4767",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-4767"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If the `browser.privatebrowsing.autostart` preference is enabled, IndexedDB files were not properly deleted when the window was closed. This preference is disabled by default in Firefox. This vulnerability affects Firefox \u003c 126, Firefox ESR \u003c 115.11, and Thunderbird \u003c 115.11.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-4767",
          "url": "https://www.suse.com/security/cve/CVE-2024-4767"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1224056 for CVE-2024-4767",
          "url": "https://bugzilla.suse.com/1224056"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-4767"
    },
    {
      "cve": "CVE-2024-4768",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-4768"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A bug in popup notifications\u0027 interaction with WebAuthn made it easier for an attacker to trick a user into granting permissions. This vulnerability affects Firefox \u003c 126, Firefox ESR \u003c 115.11, and Thunderbird \u003c 115.11.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-4768",
          "url": "https://www.suse.com/security/cve/CVE-2024-4768"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1224056 for CVE-2024-4768",
          "url": "https://bugzilla.suse.com/1224056"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-4768"
    },
    {
      "cve": "CVE-2024-4769",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-4769"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When importing resources using Web Workers, error messages would distinguish the difference between `application/javascript` responses and non-script responses.  This could have been abused to learn information cross-origin. This vulnerability affects Firefox \u003c 126, Firefox ESR \u003c 115.11, and Thunderbird \u003c 115.11.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-4769",
          "url": "https://www.suse.com/security/cve/CVE-2024-4769"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1224056 for CVE-2024-4769",
          "url": "https://bugzilla.suse.com/1224056"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-4769"
    },
    {
      "cve": "CVE-2024-4770",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-4770"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When saving a page to PDF, certain font styles could have led to a potential use-after-free crash. This vulnerability affects Firefox \u003c 126, Firefox ESR \u003c 115.11, and Thunderbird \u003c 115.11.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-4770",
          "url": "https://www.suse.com/security/cve/CVE-2024-4770"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1224056 for CVE-2024-4770",
          "url": "https://bugzilla.suse.com/1224056"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-4770"
    },
    {
      "cve": "CVE-2024-4771",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-4771"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A memory allocation check was missing which would lead to a use-after-free if the allocation failed. This could have triggered a crash or potentially be leveraged to achieve code execution. This vulnerability affects Firefox \u003c 126.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-4771",
          "url": "https://www.suse.com/security/cve/CVE-2024-4771"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1224056 for CVE-2024-4771",
          "url": "https://bugzilla.suse.com/1224056"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-4771"
    },
    {
      "cve": "CVE-2024-4772",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-4772"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An HTTP digest authentication nonce value was generated using `rand()` which could lead to predictable values. This vulnerability affects Firefox \u003c 126.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-4772",
          "url": "https://www.suse.com/security/cve/CVE-2024-4772"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1224056 for CVE-2024-4772",
          "url": "https://bugzilla.suse.com/1224056"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-4772"
    },
    {
      "cve": "CVE-2024-4773",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-4773"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When a network error occurred during page load, the prior content could have remained in view with a blank URL bar. This could have been used to obfuscate a spoofed web site. This vulnerability affects Firefox \u003c 126.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-4773",
          "url": "https://www.suse.com/security/cve/CVE-2024-4773"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1224056 for CVE-2024-4773",
          "url": "https://bugzilla.suse.com/1224056"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-4773"
    },
    {
      "cve": "CVE-2024-4774",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-4774"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The `ShmemCharMapHashEntry()` code was susceptible to potentially undefined behavior by bypassing the move semantics for one of its data members. This vulnerability affects Firefox \u003c 126.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-4774",
          "url": "https://www.suse.com/security/cve/CVE-2024-4774"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1224056 for CVE-2024-4774",
          "url": "https://bugzilla.suse.com/1224056"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-4774"
    },
    {
      "cve": "CVE-2024-4775",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-4775"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An iterator stop condition was missing when handling WASM code in the built-in profiler, potentially leading to invalid memory access and undefined behavior. *Note:* This issue only affects the application when the profiler is running. This vulnerability affects Firefox \u003c 126.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-4775",
          "url": "https://www.suse.com/security/cve/CVE-2024-4775"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1224056 for CVE-2024-4775",
          "url": "https://bugzilla.suse.com/1224056"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-4775"
    },
    {
      "cve": "CVE-2024-4776",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-4776"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A file dialog shown while in full-screen mode could have resulted in the window remaining disabled. This vulnerability affects Firefox \u003c 126.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-4776",
          "url": "https://www.suse.com/security/cve/CVE-2024-4776"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1224056 for CVE-2024-4776",
          "url": "https://bugzilla.suse.com/1224056"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-4776"
    },
    {
      "cve": "CVE-2024-4777",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-4777"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs present in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 126, Firefox ESR \u003c 115.11, and Thunderbird \u003c 115.11.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-4777",
          "url": "https://www.suse.com/security/cve/CVE-2024-4777"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1224056 for CVE-2024-4777",
          "url": "https://bugzilla.suse.com/1224056"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-4777"
    },
    {
      "cve": "CVE-2024-4778",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-4778"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs present in Firefox 125. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 126.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-4778",
          "url": "https://www.suse.com/security/cve/CVE-2024-4778"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1224056 for CVE-2024-4778",
          "url": "https://bugzilla.suse.com/1224056"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-4778"
    },
    {
      "cve": "CVE-2024-5687",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-5687"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If a specific sequence of actions is performed when opening a new tab, the triggering principal associated with the new tab may have been incorrect. The triggering principal is used to calculate many values, including the `Referer` and `Sec-*` headers, meaning there is the potential for incorrect security checks within the browser in addition to incorrect or misleading information sent to remote websites.\n*This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox \u003c 127.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-5687",
          "url": "https://www.suse.com/security/cve/CVE-2024-5687"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226027 for CVE-2024-5687",
          "url": "https://bugzilla.suse.com/1226027"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2024-5687"
    },
    {
      "cve": "CVE-2024-5688",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-5688"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If a garbage collection was triggered at the right time, a use-after-free could have occurred during object transplant. This vulnerability affects Firefox \u003c 127, Firefox ESR \u003c 115.12, and Thunderbird \u003c 115.12.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-5688",
          "url": "https://www.suse.com/security/cve/CVE-2024-5688"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226027 for CVE-2024-5688",
          "url": "https://bugzilla.suse.com/1226027"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2024-5688"
    },
    {
      "cve": "CVE-2024-5689",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-5689"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In addition to detecting when a user was taking a screenshot (XXX), a website was able to overlay the \u0027My Shots\u0027 button that appeared, and direct the user to a replica Firefox Screenshots page that could be used for phishing. This vulnerability affects Firefox \u003c 127.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-5689",
          "url": "https://www.suse.com/security/cve/CVE-2024-5689"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226027 for CVE-2024-5689",
          "url": "https://bugzilla.suse.com/1226027"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2024-5689"
    },
    {
      "cve": "CVE-2024-5690",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-5690"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "By monitoring the time certain operations take, an attacker could have guessed which external protocol handlers were functional on a user\u0027s system. This vulnerability affects Firefox \u003c 127, Firefox ESR \u003c 115.12, and Thunderbird \u003c 115.12.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-5690",
          "url": "https://www.suse.com/security/cve/CVE-2024-5690"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226027 for CVE-2024-5690",
          "url": "https://bugzilla.suse.com/1226027"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2024-5690"
    },
    {
      "cve": "CVE-2024-5691",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-5691"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "By tricking the browser with a `X-Frame-Options` header, a sandboxed iframe could have presented a button that, if clicked by a user, would bypass restrictions to open a new window. This vulnerability affects Firefox \u003c 127, Firefox ESR \u003c 115.12, and Thunderbird \u003c 115.12.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-5691",
          "url": "https://www.suse.com/security/cve/CVE-2024-5691"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226027 for CVE-2024-5691",
          "url": "https://bugzilla.suse.com/1226027"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2024-5691"
    },
    {
      "cve": "CVE-2024-5692",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-5692"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "On Windows 10, when using the \u0027Save As\u0027 functionality, an attacker could have tricked the browser into saving the file with a disallowed extension such as `.url` by including an invalid character in the extension. *Note:* This issue only affected Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox \u003c 127, Firefox ESR \u003c 115.12, and Thunderbird \u003c 115.12.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-5692",
          "url": "https://www.suse.com/security/cve/CVE-2024-5692"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226027 for CVE-2024-5692",
          "url": "https://bugzilla.suse.com/1226027"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2024-5692"
    },
    {
      "cve": "CVE-2024-5693",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-5693"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Offscreen Canvas did not properly track cross-origin tainting, which could be used to access image data from another site in violation of same-origin policy. This vulnerability affects Firefox \u003c 127, Firefox ESR \u003c 115.12, and Thunderbird \u003c 115.12.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-5693",
          "url": "https://www.suse.com/security/cve/CVE-2024-5693"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226027 for CVE-2024-5693",
          "url": "https://bugzilla.suse.com/1226027"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2024-5693"
    },
    {
      "cve": "CVE-2024-5694",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-5694"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An attacker could have caused a use-after-free in the JavaScript engine to read memory in the JavaScript string section of the heap. This vulnerability affects Firefox \u003c 127.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-5694",
          "url": "https://www.suse.com/security/cve/CVE-2024-5694"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226027 for CVE-2024-5694",
          "url": "https://bugzilla.suse.com/1226027"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2024-5694"
    },
    {
      "cve": "CVE-2024-5695",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-5695"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If an out-of-memory condition occurs at a specific point using allocations in the probabilistic heap checker, an assertion could have been triggered, and in rarer situations, memory corruption could have occurred. This vulnerability affects Firefox \u003c 127.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-5695",
          "url": "https://www.suse.com/security/cve/CVE-2024-5695"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226027 for CVE-2024-5695",
          "url": "https://bugzilla.suse.com/1226027"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2024-5695"
    },
    {
      "cve": "CVE-2024-5696",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-5696"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "By manipulating the text in an `\u0026lt;input\u0026gt;` tag, an attacker could have caused corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox \u003c 127, Firefox ESR \u003c 115.12, and Thunderbird \u003c 115.12.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-5696",
          "url": "https://www.suse.com/security/cve/CVE-2024-5696"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226027 for CVE-2024-5696",
          "url": "https://bugzilla.suse.com/1226027"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2024-5696"
    },
    {
      "cve": "CVE-2024-5697",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-5697"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A website was able to detect when a user took a screenshot of a page using the built-in Screenshot functionality in Firefox. This vulnerability affects Firefox \u003c 127.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-5697",
          "url": "https://www.suse.com/security/cve/CVE-2024-5697"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226027 for CVE-2024-5697",
          "url": "https://bugzilla.suse.com/1226027"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2024-5697"
    },
    {
      "cve": "CVE-2024-5698",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-5698"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "By manipulating the fullscreen feature while opening a data-list, an attacker could have overlaid a text box over the address bar. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox \u003c 127.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-5698",
          "url": "https://www.suse.com/security/cve/CVE-2024-5698"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226027 for CVE-2024-5698",
          "url": "https://bugzilla.suse.com/1226027"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2024-5698"
    },
    {
      "cve": "CVE-2024-5699",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-5699"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In violation of spec, cookie prefixes such as `__Secure` were being ignored if they were not correctly capitalized - by spec they should be checked with a case-insensitive comparison. This could have resulted in the browser not correctly honoring the behaviors specified by the prefix. This vulnerability affects Firefox \u003c 127.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-5699",
          "url": "https://www.suse.com/security/cve/CVE-2024-5699"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226027 for CVE-2024-5699",
          "url": "https://bugzilla.suse.com/1226027"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2024-5699"
    },
    {
      "cve": "CVE-2024-5700",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-5700"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs present in Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 127, Firefox ESR \u003c 115.12, and Thunderbird \u003c 115.12.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-5700",
          "url": "https://www.suse.com/security/cve/CVE-2024-5700"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226027 for CVE-2024-5700",
          "url": "https://bugzilla.suse.com/1226027"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2024-5700"
    },
    {
      "cve": "CVE-2024-5701",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-5701"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs present in Firefox 126. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 127.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-5701",
          "url": "https://www.suse.com/security/cve/CVE-2024-5701"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226027 for CVE-2024-5701",
          "url": "https://bugzilla.suse.com/1226027"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2024-5701"
    },
    {
      "cve": "CVE-2024-6600",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-6600"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Due to large allocation checks in Angle for GLSL shaders being too lenient an out-of-bounds access could occur when allocating more than 8192 ints in private shader memory on mac OS. This vulnerability affects Firefox \u003c 128, Firefox ESR \u003c 115.13, Thunderbird \u003c 115.13, and Thunderbird \u003c 128.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-6600",
          "url": "https://www.suse.com/security/cve/CVE-2024-6600"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226316 for CVE-2024-6600",
          "url": "https://bugzilla.suse.com/1226316"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-6600"
    },
    {
      "cve": "CVE-2024-6601",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-6601"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A race condition could lead to a cross-origin container obtaining permissions of the top-level origin. This vulnerability affects Firefox \u003c 128, Firefox ESR \u003c 115.13, Thunderbird \u003c 115.13, and Thunderbird \u003c 128.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-6601",
          "url": "https://www.suse.com/security/cve/CVE-2024-6601"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226316 for CVE-2024-6601",
          "url": "https://bugzilla.suse.com/1226316"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-6601"
    },
    {
      "cve": "CVE-2024-6602",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-6602"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A mismatch between allocator and deallocator could have led to memory corruption. This vulnerability affects Firefox \u003c 128, Firefox ESR \u003c 115.13, Thunderbird \u003c 115.13, and Thunderbird \u003c 128.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-6602",
          "url": "https://www.suse.com/security/cve/CVE-2024-6602"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226316 for CVE-2024-6602",
          "url": "https://bugzilla.suse.com/1226316"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-6602"
    },
    {
      "cve": "CVE-2024-6603",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-6603"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In an out-of-memory scenario an allocation could fail but free would have been called on the pointer afterwards leading to memory corruption. This vulnerability affects Firefox \u003c 128, Firefox ESR \u003c 115.13, Thunderbird \u003c 115.13, and Thunderbird \u003c 128.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-6603",
          "url": "https://www.suse.com/security/cve/CVE-2024-6603"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226316 for CVE-2024-6603",
          "url": "https://bugzilla.suse.com/1226316"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-6603"
    },
    {
      "cve": "CVE-2024-6604",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-6604"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs present in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 128, Firefox ESR \u003c 115.13, Thunderbird \u003c 115.13, and Thunderbird \u003c 128.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-6604",
          "url": "https://www.suse.com/security/cve/CVE-2024-6604"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226316 for CVE-2024-6604",
          "url": "https://bugzilla.suse.com/1226316"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-6604"
    },
    {
      "cve": "CVE-2024-6605",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-6605"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Firefox Android allowed immediate interaction with permission prompts. This could be used for tapjacking. This vulnerability affects Firefox \u003c 128.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-6605",
          "url": "https://www.suse.com/security/cve/CVE-2024-6605"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226316 for CVE-2024-6605",
          "url": "https://bugzilla.suse.com/1226316"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-6605"
    },
    {
      "cve": "CVE-2024-6606",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-6606"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Clipboard code failed to check the index on an array access. This could have led to an out-of-bounds read. This vulnerability affects Firefox \u003c 128 and Thunderbird \u003c 128.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-6606",
          "url": "https://www.suse.com/security/cve/CVE-2024-6606"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226316 for CVE-2024-6606",
          "url": "https://bugzilla.suse.com/1226316"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-6606"
    },
    {
      "cve": "CVE-2024-6607",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-6607"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "It was possible to prevent a user from exiting pointerlock when pressing escape and to overlay customValidity notifications from a `\u0026lt;select\u0026gt;` element over certain permission prompts. This could be used to confuse a user into giving a site unintended permissions. This vulnerability affects Firefox \u003c 128 and Thunderbird \u003c 128.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-6607",
          "url": "https://www.suse.com/security/cve/CVE-2024-6607"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226316 for CVE-2024-6607",
          "url": "https://bugzilla.suse.com/1226316"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-6607"
    },
    {
      "cve": "CVE-2024-6608",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-6608"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "It was possible to move the cursor using pointerlock from an iframe. This allowed moving the cursor outside of the viewport and the Firefox window. This vulnerability affects Firefox \u003c 128 and Thunderbird \u003c 128.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-6608",
          "url": "https://www.suse.com/security/cve/CVE-2024-6608"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226316 for CVE-2024-6608",
          "url": "https://bugzilla.suse.com/1226316"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-6608"
    },
    {
      "cve": "CVE-2024-6609",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-6609"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When almost out-of-memory an elliptic curve key which was never allocated could have been freed again. This vulnerability affects Firefox \u003c 128 and Thunderbird \u003c 128.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-6609",
          "url": "https://www.suse.com/security/cve/CVE-2024-6609"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226316 for CVE-2024-6609",
          "url": "https://bugzilla.suse.com/1226316"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-6609"
    },
    {
      "cve": "CVE-2024-6610",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-6610"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Form validation popups could capture escape key presses. Therefore, spamming form validation messages could be used to prevent users from exiting full-screen mode. This vulnerability affects Firefox \u003c 128 and Thunderbird \u003c 128.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-6610",
          "url": "https://www.suse.com/security/cve/CVE-2024-6610"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226316 for CVE-2024-6610",
          "url": "https://bugzilla.suse.com/1226316"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-6610"
    },
    {
      "cve": "CVE-2024-6611",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-6611"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A nested iframe, triggering a cross-site navigation, could send SameSite=Strict or Lax cookies. This vulnerability affects Firefox \u003c 128 and Thunderbird \u003c 128.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-6611",
          "url": "https://www.suse.com/security/cve/CVE-2024-6611"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226316 for CVE-2024-6611",
          "url": "https://bugzilla.suse.com/1226316"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-6611"
    },
    {
      "cve": "CVE-2024-6612",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-6612"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "CSP violations generated links in the console tab of the developer tools, pointing to the violating resource. This caused a DNS prefetch which leaked that a CSP violation happened. This vulnerability affects Firefox \u003c 128 and Thunderbird \u003c 128.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-6612",
          "url": "https://www.suse.com/security/cve/CVE-2024-6612"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226316 for CVE-2024-6612",
          "url": "https://bugzilla.suse.com/1226316"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-6612"
    },
    {
      "cve": "CVE-2024-6613",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-6613"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The frame iterator could get stuck in a loop when encountering certain wasm frames leading to incorrect stack traces. This vulnerability affects Firefox \u003c 128 and Thunderbird \u003c 128.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-6613",
          "url": "https://www.suse.com/security/cve/CVE-2024-6613"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226316 for CVE-2024-6613",
          "url": "https://bugzilla.suse.com/1226316"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-6613"
    },
    {
      "cve": "CVE-2024-6614",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-6614"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The frame iterator could get stuck in a loop when encountering certain wasm frames leading to incorrect stack traces. This vulnerability affects Firefox \u003c 128 and Thunderbird \u003c 128.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-6614",
          "url": "https://www.suse.com/security/cve/CVE-2024-6614"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226316 for CVE-2024-6614",
          "url": "https://bugzilla.suse.com/1226316"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-6614"
    },
    {
      "cve": "CVE-2024-6615",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-6615"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs present in Firefox 127 and Thunderbird 127. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 128 and Thunderbird \u003c 128.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-6615",
          "url": "https://www.suse.com/security/cve/CVE-2024-6615"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226316 for CVE-2024-6615",
          "url": "https://bugzilla.suse.com/1226316"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-6615"
    },
    {
      "cve": "CVE-2024-7518",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-7518"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Select options could obscure the fullscreen notification dialog. This could be used by a malicious site to perform a spoofing attack. This vulnerability affects Firefox \u003c 129, Firefox ESR \u003c 128.1, and Thunderbird \u003c 128.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-7518",
          "url": "https://www.suse.com/security/cve/CVE-2024-7518"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1228648 for CVE-2024-7518",
          "url": "https://bugzilla.suse.com/1228648"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-7518"
    },
    {
      "cve": "CVE-2024-7519",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-7519"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Insufficient checks when processing graphics shared memory could have led to memory corruption. This could be leveraged by an attacker to perform a sandbox escape. This vulnerability affects Firefox \u003c 129, Firefox ESR \u003c 115.14, Firefox ESR \u003c 128.1, Thunderbird \u003c 128.1, and Thunderbird \u003c 115.14.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-7519",
          "url": "https://www.suse.com/security/cve/CVE-2024-7519"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1228648 for CVE-2024-7519",
          "url": "https://bugzilla.suse.com/1228648"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-7519"
    },
    {
      "cve": "CVE-2024-7520",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-7520"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A type confusion bug in WebAssembly could be leveraged by an attacker to potentially achieve code execution. This vulnerability affects Firefox \u003c 129, Firefox ESR \u003c 128.1, and Thunderbird \u003c 128.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-7520",
          "url": "https://www.suse.com/security/cve/CVE-2024-7520"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1228648 for CVE-2024-7520",
          "url": "https://bugzilla.suse.com/1228648"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-7520"
    },
    {
      "cve": "CVE-2024-7521",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-7521"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Incomplete WebAssembly exception handing could have led to a use-after-free. This vulnerability affects Firefox \u003c 129, Firefox ESR \u003c 115.14, Firefox ESR \u003c 128.1, Thunderbird \u003c 128.1, and Thunderbird \u003c 115.14.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-7521",
          "url": "https://www.suse.com/security/cve/CVE-2024-7521"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1228648 for CVE-2024-7521",
          "url": "https://bugzilla.suse.com/1228648"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-7521"
    },
    {
      "cve": "CVE-2024-7522",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-7522"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Editor code failed to check an attribute value. This could have led to an out-of-bounds read. This vulnerability affects Firefox \u003c 129, Firefox ESR \u003c 115.14, Firefox ESR \u003c 128.1, Thunderbird \u003c 128.1, and Thunderbird \u003c 115.14.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-7522",
          "url": "https://www.suse.com/security/cve/CVE-2024-7522"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1228648 for CVE-2024-7522",
          "url": "https://bugzilla.suse.com/1228648"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-7522"
    },
    {
      "cve": "CVE-2024-7524",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-7524"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection.  On a site protected by Content Security Policy in \"strict-dynamic\" mode, an attacker able to inject an HTML element could have used a DOM Clobbering attack on some of the shims and achieved XSS, bypassing the CSP strict-dynamic protection. This vulnerability affects Firefox \u003c 129, Firefox ESR \u003c 115.14, and Firefox ESR \u003c 128.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-7524",
          "url": "https://www.suse.com/security/cve/CVE-2024-7524"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1228648 for CVE-2024-7524",
          "url": "https://bugzilla.suse.com/1228648"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-7524"
    },
    {
      "cve": "CVE-2024-7525",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-7525"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "It was possible for a web extension with minimal permissions to create a `StreamFilter` which could be used to read and modify the response body of requests on any site. This vulnerability affects Firefox \u003c 129, Firefox ESR \u003c 115.14, Firefox ESR \u003c 128.1, Thunderbird \u003c 128.1, and Thunderbird \u003c 115.14.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-7525",
          "url": "https://www.suse.com/security/cve/CVE-2024-7525"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1228648 for CVE-2024-7525",
          "url": "https://bugzilla.suse.com/1228648"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-7525"
    },
    {
      "cve": "CVE-2024-7526",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-7526"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "ANGLE failed to initialize parameters which lead to reading from uninitialized memory. This could be leveraged to leak sensitive data from memory. This vulnerability affects Firefox \u003c 129, Firefox ESR \u003c 115.14, Firefox ESR \u003c 128.1, Thunderbird \u003c 128.1, and Thunderbird \u003c 115.14.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-7526",
          "url": "https://www.suse.com/security/cve/CVE-2024-7526"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1228648 for CVE-2024-7526",
          "url": "https://bugzilla.suse.com/1228648"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-7526"
    },
    {
      "cve": "CVE-2024-7527",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-7527"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Unexpected marking work at the start of sweeping could have led to a use-after-free. This vulnerability affects Firefox \u003c 129, Firefox ESR \u003c 115.14, Firefox ESR \u003c 128.1, Thunderbird \u003c 128.1, and Thunderbird \u003c 115.14.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-7527",
          "url": "https://www.suse.com/security/cve/CVE-2024-7527"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1228648 for CVE-2024-7527",
          "url": "https://bugzilla.suse.com/1228648"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-7527"
    },
    {
      "cve": "CVE-2024-7528",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-7528"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Incorrect garbage collection interaction in IndexedDB could have led to a use-after-free. This vulnerability affects Firefox \u003c 129, Firefox ESR \u003c 128.1, and Thunderbird \u003c 128.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-7528",
          "url": "https://www.suse.com/security/cve/CVE-2024-7528"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1228648 for CVE-2024-7528",
          "url": "https://bugzilla.suse.com/1228648"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-7528"
    },
    {
      "cve": "CVE-2024-7529",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-7529"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The date picker could partially obscure security prompts. This could be used by a malicious site to trick a user into granting permissions. This vulnerability affects Firefox \u003c 129, Firefox ESR \u003c 115.14, Firefox ESR \u003c 128.1, Thunderbird \u003c 128.1, and Thunderbird \u003c 115.14.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-7529",
          "url": "https://www.suse.com/security/cve/CVE-2024-7529"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1228648 for CVE-2024-7529",
          "url": "https://bugzilla.suse.com/1228648"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-7529"
    },
    {
      "cve": "CVE-2024-7531",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-7531"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Calling `PK11_Encrypt()` in NSS using CKM_CHACHA20 and the same buffer for input and output can result in plaintext on an Intel Sandy Bridge processor. In Firefox this only affects the QUIC header protection feature when the connection is using the ChaCha20-Poly1305 cipher suite. The most likely outcome is connection failure, but if the connection persists despite the high packet loss it could be possible for a network observer to identify packets as coming from the same source despite a network path change. This vulnerability affects Firefox \u003c 129, Firefox ESR \u003c 115.14, and Firefox ESR \u003c 128.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-7531",
          "url": "https://www.suse.com/security/cve/CVE-2024-7531"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1228648 for CVE-2024-7531",
          "url": "https://bugzilla.suse.com/1228648"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-7531"
    },
    {
      "cve": "CVE-2024-8381",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-8381"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the `with` environment. This vulnerability affects Firefox \u003c 130, Firefox ESR \u003c 128.2, Firefox ESR \u003c 115.15, Thunderbird \u003c 128.2, and Thunderbird \u003c 115.15.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-8381",
          "url": "https://www.suse.com/security/cve/CVE-2024-8381"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229821 for CVE-2024-8381",
          "url": "https://bugzilla.suse.com/1229821"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-8381"
    },
    {
      "cve": "CVE-2024-8382",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-8382"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Web content that tried to use those interfaces would not be able to use them with elevated privileges, but their presence would indicate certain browser features had been used, such as when a user opened the Dev Tools console. This vulnerability affects Firefox \u003c 130, Firefox ESR \u003c 128.2, Firefox ESR \u003c 115.15, Thunderbird \u003c 128.2, and Thunderbird \u003c 115.15.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-8382",
          "url": "https://www.suse.com/security/cve/CVE-2024-8382"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229821 for CVE-2024-8382",
          "url": "https://bugzilla.suse.com/1229821"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-8382"
    },
    {
      "cve": "CVE-2024-8383",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-8383"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Firefox normally asks for confirmation before asking the operating system to find an application to handle a scheme that the browser does not support. It did not ask before doing so for the Usenet-related schemes news: and snews:. Since most operating systems don\u0027t have a trusted newsreader installed by default, an unscrupulous program that the user downloaded could register itself as a handler. The website that served the application download could then launch that application at will. This vulnerability affects Firefox \u003c 130, Firefox ESR \u003c 128.2, and Firefox ESR \u003c 115.15.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-8383",
          "url": "https://www.suse.com/security/cve/CVE-2024-8383"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229821 for CVE-2024-8383",
          "url": "https://bugzilla.suse.com/1229821"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-8383"
    },
    {
      "cve": "CVE-2024-8384",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-8384"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The JavaScript garbage collector could mis-color cross-compartment objects if OOM conditions were detected at the right point between two passes. This could have led to memory corruption. This vulnerability affects Firefox \u003c 130, Firefox ESR \u003c 128.2, Firefox ESR \u003c 115.15, Thunderbird \u003c 128.2, and Thunderbird \u003c 115.15.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-8384",
          "url": "https://www.suse.com/security/cve/CVE-2024-8384"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229821 for CVE-2024-8384",
          "url": "https://bugzilla.suse.com/1229821"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-8384"
    },
    {
      "cve": "CVE-2024-8385",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-8385"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability. This vulnerability affects Firefox \u003c 130, Firefox ESR \u003c 128.2, and Thunderbird \u003c 128.2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-8385",
          "url": "https://www.suse.com/security/cve/CVE-2024-8385"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229821 for CVE-2024-8385",
          "url": "https://bugzilla.suse.com/1229821"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-8385"
    },
    {
      "cve": "CVE-2024-8386",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-8386"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If a site had been granted the permission to open popup windows, it could cause Select elements to appear on top of another site to perform a spoofing attack. This vulnerability affects Firefox \u003c 130, Firefox ESR \u003c 128.2, and Thunderbird \u003c 128.2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-8386",
          "url": "https://www.suse.com/security/cve/CVE-2024-8386"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229821 for CVE-2024-8386",
          "url": "https://bugzilla.suse.com/1229821"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-8386"
    },
    {
      "cve": "CVE-2024-8387",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-8387"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs present in Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 130, Firefox ESR \u003c 128.2, and Thunderbird \u003c 128.2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-8387",
          "url": "https://www.suse.com/security/cve/CVE-2024-8387"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229821 for CVE-2024-8387",
          "url": "https://bugzilla.suse.com/1229821"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-8387"
    },
    {
      "cve": "CVE-2024-8900",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-8900"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An attacker could write data to the user\u0027s clipboard, bypassing the user prompt, during a certain sequence of navigational events. This vulnerability affects Firefox \u003c 129, Firefox ESR \u003c 128.3, and Thunderbird \u003c 128.3.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-8900",
          "url": "https://www.suse.com/security/cve/CVE-2024-8900"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1228648 for CVE-2024-8900",
          "url": "https://bugzilla.suse.com/1228648"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-8900"
    },
    {
      "cve": "CVE-2024-9392",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-9392"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A compromised content process could have allowed for the arbitrary loading of cross-origin pages. This vulnerability affects Firefox \u003c 131, Firefox ESR \u003c 128.3, Firefox ESR \u003c 115.16, Thunderbird \u003c 128.3, and Thunderbird \u003c 131.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-9392",
          "url": "https://www.suse.com/security/cve/CVE-2024-9392"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1230979 for CVE-2024-9392",
          "url": "https://bugzilla.suse.com/1230979"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-9392"
    },
    {
      "cve": "CVE-2024-9393",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-9393"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://pdf.js` origin.  This could allow them to access cross-origin PDF content. This access is limited to \"same site\" documents by the Site Isolation feature on desktop clients, but full cross-origin access is possible on Android versions. This vulnerability affects Firefox \u003c 131, Firefox ESR \u003c 128.3, Firefox ESR \u003c 115.16, Thunderbird \u003c 128.3, and Thunderbird \u003c 131.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-9393",
          "url": "https://www.suse.com/security/cve/CVE-2024-9393"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1230979 for CVE-2024-9393",
          "url": "https://bugzilla.suse.com/1230979"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-9393"
    },
    {
      "cve": "CVE-2024-9394",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-9394"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://devtools` origin.  This could allow them to access cross-origin JSON content. This access is limited to \"same site\" documents by the Site Isolation feature on desktop clients, but full cross-origin access is possible on Android versions. This vulnerability affects Firefox \u003c 131, Firefox ESR \u003c 128.3, Firefox ESR \u003c 115.16, Thunderbird \u003c 128.3, and Thunderbird \u003c 131.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-9394",
          "url": "https://www.suse.com/security/cve/CVE-2024-9394"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1230979 for CVE-2024-9394",
          "url": "https://bugzilla.suse.com/1230979"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-9394"
    },
    {
      "cve": "CVE-2024-9396",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-9396"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "It is currently unknown if this issue is exploitable but a condition may arise where the structured clone of certain objects could lead to memory corruption. This vulnerability affects Firefox \u003c 131, Firefox ESR \u003c 128.3, Thunderbird \u003c 128.3, and Thunderbird \u003c 131.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-9396",
          "url": "https://www.suse.com/security/cve/CVE-2024-9396"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1230979 for CVE-2024-9396",
          "url": "https://bugzilla.suse.com/1230979"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-9396"
    },
    {
      "cve": "CVE-2024-9397",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-9397"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A missing delay in directory upload UI could have made it possible for an attacker to trick a user into granting permission via clickjacking. This vulnerability affects Firefox \u003c 131, Firefox ESR \u003c 128.3, Thunderbird \u003c 128.3, and Thunderbird \u003c 131.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-9397",
          "url": "https://www.suse.com/security/cve/CVE-2024-9397"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1230979 for CVE-2024-9397",
          "url": "https://bugzilla.suse.com/1230979"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-9397"
    },
    {
      "cve": "CVE-2024-9398",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-9398"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "By checking the result of calls to `window.open` with specifically set protocol handlers, an attacker could determine if the application which implements that protocol handler is installed. This vulnerability affects Firefox \u003c 131, Firefox ESR \u003c 128.3, Thunderbird \u003c 128.3, and Thunderbird \u003c 131.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-9398",
          "url": "https://www.suse.com/security/cve/CVE-2024-9398"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1230979 for CVE-2024-9398",
          "url": "https://bugzilla.suse.com/1230979"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-9398"
    },
    {
      "cve": "CVE-2024-9399",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-9399"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A website configured to initiate a specially crafted WebTransport session could crash the Firefox process leading to a denial of service condition. This vulnerability affects Firefox \u003c 131, Firefox ESR \u003c 128.3, Thunderbird \u003c 128.3, and Thunderbird \u003c 131.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-9399",
          "url": "https://www.suse.com/security/cve/CVE-2024-9399"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1230979 for CVE-2024-9399",
          "url": "https://bugzilla.suse.com/1230979"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-9399"
    },
    {
      "cve": "CVE-2024-9400",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-9400"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A potential memory corruption vulnerability could be triggered if an attacker had the ability to trigger an OOM at a specific moment during JIT compilation. This vulnerability affects Firefox \u003c 131, Firefox ESR \u003c 128.3, Thunderbird \u003c 128.3, and Thunderbird \u003c 131.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-9400",
          "url": "https://www.suse.com/security/cve/CVE-2024-9400"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1230979 for CVE-2024-9400",
          "url": "https://bugzilla.suse.com/1230979"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-9400"
    },
    {
      "cve": "CVE-2024-9401",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-9401"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs present in Firefox 130, Firefox ESR 115.15, Firefox ESR 128.2, and Thunderbird 128.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 131, Firefox ESR \u003c 128.3, Firefox ESR \u003c 115.16, Thunderbird \u003c 128.3, and Thunderbird \u003c 131.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-9401",
          "url": "https://www.suse.com/security/cve/CVE-2024-9401"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1230979 for CVE-2024-9401",
          "url": "https://bugzilla.suse.com/1230979"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-9401"
    },
    {
      "cve": "CVE-2024-9402",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-9402"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs present in Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 131, Firefox ESR \u003c 128.3, Thunderbird \u003c 128.3, and Thunderbird \u003c 131.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-9402",
          "url": "https://www.suse.com/security/cve/CVE-2024-9402"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1230979 for CVE-2024-9402",
          "url": "https://bugzilla.suse.com/1230979"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-9402"
    },
    {
      "cve": "CVE-2024-9680",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-9680"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploited in the wild. This vulnerability affects Firefox \u003c 131.0.2, Firefox ESR \u003c 128.3.1, Firefox ESR \u003c 115.16.1, Thunderbird \u003c 131.0.1, Thunderbird \u003c 128.3.1, and Thunderbird \u003c 115.16.0.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
          "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-9680",
          "url": "https://www.suse.com/security/cve/CVE-2024-9680"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1231413 for CVE-2024-9680",
          "url": "https://bugzilla.suse.com/1231413"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1.x86_64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.aarch64",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.ppc64le",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.s390x",
            "openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-12T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-9680"
    }
  ]
}

OPENSUSE-SU-2024:13626-1

Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00

Summary

MozillaFirefox-122.0-1.1 on GA media

Notes

Title of the patch

MozillaFirefox-122.0-1.1 on GA media

Description of the patch

These are all security issues fixed in the MozillaFirefox-122.0-1.1 package on the GA media of openSUSE Tumbleweed.

Patchnames

openSUSE-Tumbleweed-2024-13626

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "MozillaFirefox-122.0-1.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the MozillaFirefox-122.0-1.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2024-13626",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_13626-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-0741 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-0741/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-0742 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-0742/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-0743 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-0743/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-0744 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-0744/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-0745 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-0745/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-0746 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-0746/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-0747 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-0747/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-0748 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-0748/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-0749 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-0749/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-0750 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-0750/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-0751 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-0751/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-0752 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-0752/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-0753 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-0753/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-0754 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-0754/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-0755 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-0755/"
      }
    ],
    "title": "MozillaFirefox-122.0-1.1 on GA media",
    "tracking": {
      "current_release_date": "2024-06-15T00:00:00Z",
      "generator": {
        "date": "2024-06-15T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2024:13626-1",
      "initial_release_date": "2024-06-15T00:00:00Z",
      "revision_history": [
        {
          "date": "2024-06-15T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "MozillaFirefox-122.0-1.1.aarch64",
                "product": {
                  "name": "MozillaFirefox-122.0-1.1.aarch64",
                  "product_id": "MozillaFirefox-122.0-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-branding-upstream-122.0-1.1.aarch64",
                "product": {
                  "name": "MozillaFirefox-branding-upstream-122.0-1.1.aarch64",
                  "product_id": "MozillaFirefox-branding-upstream-122.0-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-devel-122.0-1.1.aarch64",
                "product": {
                  "name": "MozillaFirefox-devel-122.0-1.1.aarch64",
                  "product_id": "MozillaFirefox-devel-122.0-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-translations-common-122.0-1.1.aarch64",
                "product": {
                  "name": "MozillaFirefox-translations-common-122.0-1.1.aarch64",
                  "product_id": "MozillaFirefox-translations-common-122.0-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-translations-other-122.0-1.1.aarch64",
                "product": {
                  "name": "MozillaFirefox-translations-other-122.0-1.1.aarch64",
                  "product_id": "MozillaFirefox-translations-other-122.0-1.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "MozillaFirefox-122.0-1.1.ppc64le",
                "product": {
                  "name": "MozillaFirefox-122.0-1.1.ppc64le",
                  "product_id": "MozillaFirefox-122.0-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-branding-upstream-122.0-1.1.ppc64le",
                "product": {
                  "name": "MozillaFirefox-branding-upstream-122.0-1.1.ppc64le",
                  "product_id": "MozillaFirefox-branding-upstream-122.0-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-devel-122.0-1.1.ppc64le",
                "product": {
                  "name": "MozillaFirefox-devel-122.0-1.1.ppc64le",
                  "product_id": "MozillaFirefox-devel-122.0-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-translations-common-122.0-1.1.ppc64le",
                "product": {
                  "name": "MozillaFirefox-translations-common-122.0-1.1.ppc64le",
                  "product_id": "MozillaFirefox-translations-common-122.0-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-translations-other-122.0-1.1.ppc64le",
                "product": {
                  "name": "MozillaFirefox-translations-other-122.0-1.1.ppc64le",
                  "product_id": "MozillaFirefox-translations-other-122.0-1.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "MozillaFirefox-122.0-1.1.s390x",
                "product": {
                  "name": "MozillaFirefox-122.0-1.1.s390x",
                  "product_id": "MozillaFirefox-122.0-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-branding-upstream-122.0-1.1.s390x",
                "product": {
                  "name": "MozillaFirefox-branding-upstream-122.0-1.1.s390x",
                  "product_id": "MozillaFirefox-branding-upstream-122.0-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-devel-122.0-1.1.s390x",
                "product": {
                  "name": "MozillaFirefox-devel-122.0-1.1.s390x",
                  "product_id": "MozillaFirefox-devel-122.0-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-translations-common-122.0-1.1.s390x",
                "product": {
                  "name": "MozillaFirefox-translations-common-122.0-1.1.s390x",
                  "product_id": "MozillaFirefox-translations-common-122.0-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-translations-other-122.0-1.1.s390x",
                "product": {
                  "name": "MozillaFirefox-translations-other-122.0-1.1.s390x",
                  "product_id": "MozillaFirefox-translations-other-122.0-1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "MozillaFirefox-122.0-1.1.x86_64",
                "product": {
                  "name": "MozillaFirefox-122.0-1.1.x86_64",
                  "product_id": "MozillaFirefox-122.0-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-branding-upstream-122.0-1.1.x86_64",
                "product": {
                  "name": "MozillaFirefox-branding-upstream-122.0-1.1.x86_64",
                  "product_id": "MozillaFirefox-branding-upstream-122.0-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-devel-122.0-1.1.x86_64",
                "product": {
                  "name": "MozillaFirefox-devel-122.0-1.1.x86_64",
                  "product_id": "MozillaFirefox-devel-122.0-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-translations-common-122.0-1.1.x86_64",
                "product": {
                  "name": "MozillaFirefox-translations-common-122.0-1.1.x86_64",
                  "product_id": "MozillaFirefox-translations-common-122.0-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-translations-other-122.0-1.1.x86_64",
                "product": {
                  "name": "MozillaFirefox-translations-other-122.0-1.1.x86_64",
                  "product_id": "MozillaFirefox-translations-other-122.0-1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-122.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.aarch64"
        },
        "product_reference": "MozillaFirefox-122.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-122.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.ppc64le"
        },
        "product_reference": "MozillaFirefox-122.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-122.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.s390x"
        },
        "product_reference": "MozillaFirefox-122.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-122.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.x86_64"
        },
        "product_reference": "MozillaFirefox-122.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-branding-upstream-122.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.aarch64"
        },
        "product_reference": "MozillaFirefox-branding-upstream-122.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-branding-upstream-122.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.ppc64le"
        },
        "product_reference": "MozillaFirefox-branding-upstream-122.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-branding-upstream-122.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.s390x"
        },
        "product_reference": "MozillaFirefox-branding-upstream-122.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-branding-upstream-122.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.x86_64"
        },
        "product_reference": "MozillaFirefox-branding-upstream-122.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-devel-122.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.aarch64"
        },
        "product_reference": "MozillaFirefox-devel-122.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-devel-122.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.ppc64le"
        },
        "product_reference": "MozillaFirefox-devel-122.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-devel-122.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.s390x"
        },
        "product_reference": "MozillaFirefox-devel-122.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-devel-122.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.x86_64"
        },
        "product_reference": "MozillaFirefox-devel-122.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-common-122.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.aarch64"
        },
        "product_reference": "MozillaFirefox-translations-common-122.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-common-122.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.ppc64le"
        },
        "product_reference": "MozillaFirefox-translations-common-122.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-common-122.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.s390x"
        },
        "product_reference": "MozillaFirefox-translations-common-122.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-common-122.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.x86_64"
        },
        "product_reference": "MozillaFirefox-translations-common-122.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-other-122.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.aarch64"
        },
        "product_reference": "MozillaFirefox-translations-other-122.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-other-122.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.ppc64le"
        },
        "product_reference": "MozillaFirefox-translations-other-122.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-other-122.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.s390x"
        },
        "product_reference": "MozillaFirefox-translations-other-122.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-other-122.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.x86_64"
        },
        "product_reference": "MozillaFirefox-translations-other-122.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-0741",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-0741"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox \u003c 122, Firefox ESR \u003c 115.7, and Thunderbird \u003c 115.7.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-0741",
          "url": "https://www.suse.com/security/cve/CVE-2024-0741"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1218955 for CVE-2024-0741",
          "url": "https://bugzilla.suse.com/1218955"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-0741"
    },
    {
      "cve": "CVE-2024-0742",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-0742"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an incorrect timestamp used to prevent input after page load. This vulnerability affects Firefox \u003c 122, Firefox ESR \u003c 115.7, and Thunderbird \u003c 115.7.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-0742",
          "url": "https://www.suse.com/security/cve/CVE-2024-0742"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1218955 for CVE-2024-0742",
          "url": "https://bugzilla.suse.com/1218955"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-0742"
    },
    {
      "cve": "CVE-2024-0743",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-0743"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An unchecked return value in TLS handshake code could have caused a potentially exploitable crash. This vulnerability affects Firefox \u003c 122, Firefox ESR \u003c 115.9, and Thunderbird \u003c 115.9.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-0743",
          "url": "https://www.suse.com/security/cve/CVE-2024-0743"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1218955 for CVE-2024-0743",
          "url": "https://bugzilla.suse.com/1218955"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-0743"
    },
    {
      "cve": "CVE-2024-0744",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-0744"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In some circumstances, JIT compiled code could have dereferenced a wild pointer value. This could have led to an exploitable crash. This vulnerability affects Firefox \u003c 122.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-0744",
          "url": "https://www.suse.com/security/cve/CVE-2024-0744"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1218955 for CVE-2024-0744",
          "url": "https://bugzilla.suse.com/1218955"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-0744"
    },
    {
      "cve": "CVE-2024-0745",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-0745"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The WebAudio `OscillatorNode` object was susceptible to a stack buffer overflow. This could have led to a potentially exploitable crash. This vulnerability affects Firefox \u003c 122.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-0745",
          "url": "https://www.suse.com/security/cve/CVE-2024-0745"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1218955 for CVE-2024-0745",
          "url": "https://bugzilla.suse.com/1218955"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-0745"
    },
    {
      "cve": "CVE-2024-0746",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-0746"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A Linux user opening the print preview dialog could have caused the browser to crash. This vulnerability affects Firefox \u003c 122, Firefox ESR \u003c 115.7, and Thunderbird \u003c 115.7.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-0746",
          "url": "https://www.suse.com/security/cve/CVE-2024-0746"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1218955 for CVE-2024-0746",
          "url": "https://bugzilla.suse.com/1218955"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-0746"
    },
    {
      "cve": "CVE-2024-0747",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-0747"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When a parent page loaded a child in an iframe with `unsafe-inline`, the parent Content Security Policy could have overridden the child Content Security Policy. This vulnerability affects Firefox \u003c 122, Firefox ESR \u003c 115.7, and Thunderbird \u003c 115.7.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-0747",
          "url": "https://www.suse.com/security/cve/CVE-2024-0747"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1218955 for CVE-2024-0747",
          "url": "https://bugzilla.suse.com/1218955"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-0747"
    },
    {
      "cve": "CVE-2024-0748",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-0748"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A compromised content process could have updated the document URI. This could have allowed an attacker to set an arbitrary URI in the address bar or history. This vulnerability affects Firefox \u003c 122.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-0748",
          "url": "https://www.suse.com/security/cve/CVE-2024-0748"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1218955 for CVE-2024-0748",
          "url": "https://bugzilla.suse.com/1218955"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-0748"
    },
    {
      "cve": "CVE-2024-0749",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-0749"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A phishing site could have repurposed an `about:` dialog to show phishing content with an incorrect origin in the address bar. This vulnerability affects Firefox \u003c 122 and Thunderbird \u003c 115.7.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-0749",
          "url": "https://www.suse.com/security/cve/CVE-2024-0749"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1218955 for CVE-2024-0749",
          "url": "https://bugzilla.suse.com/1218955"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-0749"
    },
    {
      "cve": "CVE-2024-0750",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-0750"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox \u003c 122, Firefox ESR \u003c 115.7, and Thunderbird \u003c 115.7.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-0750",
          "url": "https://www.suse.com/security/cve/CVE-2024-0750"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1218955 for CVE-2024-0750",
          "url": "https://bugzilla.suse.com/1218955"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-0750"
    },
    {
      "cve": "CVE-2024-0751",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-0751"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A malicious devtools extension could have been used to escalate privileges. This vulnerability affects Firefox \u003c 122, Firefox ESR \u003c 115.7, and Thunderbird \u003c 115.7.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-0751",
          "url": "https://www.suse.com/security/cve/CVE-2024-0751"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1218955 for CVE-2024-0751",
          "url": "https://bugzilla.suse.com/1218955"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-0751"
    },
    {
      "cve": "CVE-2024-0752",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-0752"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free crash could have occurred on macOS if a Firefox update were being applied on a very busy system. This could have resulted in an exploitable crash. This vulnerability affects Firefox \u003c 122.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-0752",
          "url": "https://www.suse.com/security/cve/CVE-2024-0752"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1218955 for CVE-2024-0752",
          "url": "https://bugzilla.suse.com/1218955"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-0752"
    },
    {
      "cve": "CVE-2024-0753",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-0753"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In specific HSTS configurations an attacker could have bypassed HSTS on a subdomain. This vulnerability affects Firefox \u003c 122, Firefox ESR \u003c 115.7, and Thunderbird \u003c 115.7.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-0753",
          "url": "https://www.suse.com/security/cve/CVE-2024-0753"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1218955 for CVE-2024-0753",
          "url": "https://bugzilla.suse.com/1218955"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-0753"
    },
    {
      "cve": "CVE-2024-0754",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-0754"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Some WASM source files could have caused a crash when loaded in devtools. This vulnerability affects Firefox \u003c 122.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-0754",
          "url": "https://www.suse.com/security/cve/CVE-2024-0754"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1218955 for CVE-2024-0754",
          "url": "https://bugzilla.suse.com/1218955"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-0754"
    },
    {
      "cve": "CVE-2024-0755",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-0755"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs present in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 122, Firefox ESR \u003c 115.7, and Thunderbird \u003c 115.7.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.x86_64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.aarch64",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.ppc64le",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.s390x",
          "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-0755",
          "url": "https://www.suse.com/security/cve/CVE-2024-0755"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1218955 for CVE-2024-0755",
          "url": "https://bugzilla.suse.com/1218955"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-devel-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-common-122.0-1.1.x86_64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.aarch64",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.ppc64le",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.s390x",
            "openSUSE Tumbleweed:MozillaFirefox-translations-other-122.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-0755"
    }
  ]
}

GHSA-X73F-6QWM-HH3X

Vulnerability from github – Published: 2024-01-23 15:30 – Updated: 2025-06-11 18:35

Details

A compromised content process could have updated the document URI. This could have allowed an attacker to set an arbitrary URI in the address bar or history. This vulnerability affects Firefox < 122.

Severity ?

4.3 (Medium)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-0748"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-01-23T14:15:38Z",
    "severity": "MODERATE"
  },
  "details": "A compromised content process could have updated the document URI. This could have allowed an attacker to set an arbitrary URI in the address bar or history. This vulnerability affects Firefox \u003c 122.",
  "id": "GHSA-x73f-6qwm-hh3x",
  "modified": "2025-06-11T18:35:38Z",
  "published": "2024-01-23T15:30:58Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0748"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1783504"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2024-01"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

CNVD-2024-10442

Vulnerability from cnvd - Published: 2024-03-01

Title

Mozilla Firefox安全绕过漏洞（CNVD-2024-10442）

Description

Mozilla Firefox是美国Mozilla基金会的一款开源Web浏览器。 Mozilla Firefox存在安全绕过漏洞，该漏洞是由与受损内容进程相关的错误引起的。攻击者可利用该漏洞修改文档URI。

Severity

中

Patch Name

Mozilla Firefox安全绕过漏洞（CNVD-2024-10442）的补丁

Patch Description

Mozilla Firefox是美国Mozilla基金会的一款开源Web浏览器。 Mozilla Firefox存在安全绕过漏洞，该漏洞是由与受损内容进程相关的错误引起的。攻击者可利用该漏洞修改文档URI。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://www.mozilla.org/en-US/security/advisories/mfsa2024-01/

Reference

https://nvd.nist.gov/vuln/detail/CVE-2024-0748

Impacted products

Name
Mozilla Firefox <122

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2024-0748",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2024-0748"
    }
  },
  "description": "Mozilla Firefox\u662f\u7f8e\u56fdMozilla\u57fa\u91d1\u4f1a\u7684\u4e00\u6b3e\u5f00\u6e90Web\u6d4f\u89c8\u5668\u3002\n\nMozilla Firefox\u5b58\u5728\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u662f\u7531\u4e0e\u53d7\u635f\u5185\u5bb9\u8fdb\u7a0b\u76f8\u5173\u7684\u9519\u8bef\u5f15\u8d77\u7684\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u4fee\u6539\u6587\u6863URI\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2024-01/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2024-10442",
  "openTime": "2024-03-01",
  "patchDescription": "Mozilla Firefox\u662f\u7f8e\u56fdMozilla\u57fa\u91d1\u4f1a\u7684\u4e00\u6b3e\u5f00\u6e90Web\u6d4f\u89c8\u5668\u3002\r\n\r\nMozilla Firefox\u5b58\u5728\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u662f\u7531\u4e0e\u53d7\u635f\u5185\u5bb9\u8fdb\u7a0b\u76f8\u5173\u7684\u9519\u8bef\u5f15\u8d77\u7684\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u4fee\u6539\u6587\u6863URI\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Mozilla Firefox\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e\uff08CNVD-2024-10442\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "Mozilla Firefox \u003c122"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2024-0748",
  "serverity": "\u4e2d",
  "submitTime": "2024-01-26",
  "title": "Mozilla Firefox\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e\uff08CNVD-2024-10442\uff09"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-0748 (GCVE-0-2024-0748)

Solution

Solution

Tags

Sightings

Nomenclature